I need to figure out a way to check if a crossdomain policy file has been loaded before initializing a certain component. The component won't work correctly if the crossdomain policy hasn't been loaded. Is there a way to do this? I can't figure out a way to get this working. This is the script I'm using:
System.security.loadPolicyFile("http://www.remotewebsite.com/crossdomain.xml");
Specifically, the developer of a web service I'm trying to call has installed a cross-domain policy file on his server at:[URL] So, in my SWF, I'm calling this:
[Code]....
Of course, it's not there, so it fails to load. (If the developer could install the file at the root, I wouldn't have this problem, so I wouldn't be using System.security.loadPolicyFile in the first place). It's not just in the IDE - when I test the app in Firefox with Firebug, I can see that the SWF is attempting to load the policy file from [URL].
I've stripped down the SWF so that it does nothing else but attempt to load the policy file from the subdirectory, and it still fails. So, I don't think this has to do with any idiosyncrasies of my specific app. Bottom line - does the System.security.loadPolicyFile work? Is there something else I need to do in conjunction with that call to get it to work? Or, is there something I'm doing wrong?
URL...I'm trying to connect to the java server which sends back the policy data.From the IDE, absolutly nothing happens.Where can I start to know what's going on? I've looked at so many forum posts and exemples but nothing seems to correspond to my problem.the policy file allows all, the ports are open, the file and directory of my local swf are added to the trusted list in the flash global security settings.I'm using Security.loadPolicy File ("xmlsocket://xx.xx.xx.xx:xx"); with the right IP and open port which my server listens to.
View 1 RepliesI try to use Security.loadPolicyFile() and Flash Player goes on error because my firewall stop it. It's ok.
But, when I put the method into the Try{} Catch{} statement, I can not intercept the error.
[Code]...
I have a Flex 4 application the needs to retrieve XML from a web service and the web service does not sit on the same server as the Flex 4 application.
I was getting the Sandbox security violation #2048, I eventually figured out that I needed a crossdomain.xml file on the web service server which I put in C:Inetpubwwwroot. Tried again and all was good, it worked.But, I don't want the crossdomain.xml file to reside in the root of the server because I only want the crossdomain.xml file to affect the directory the web service is in.So I put the crossdomain.xml file into the directory where the web service resides and used Security.loadPolicyFile() but it does nothing, I get the Sandbox security error again. I checked with HTTP traffic with Fiddler2 and the request is being made successfully so I know that the application is getting the file, it just doesn't seem to be using it.
Is there something I'm missing? Below is the AS code I'm using, i tell the application to use the policy file in the application complete event handler, and i load the xml in the buttons click handler.
[Code]...
I'm trying to research some support for this but not getting very far, so I'm hoping you all can help. Is it possible to do something like the following:
Code:
Security.loadPolicyFile("*.mywebsite.com/crossdomain.xml");
The purpose is to not have to create multiple SWFs for each subdomain and not have a list of absolute urls because we do not want this:
Code:
Security.loadPolicyFile("mobile.mywebsite.com/crossdomain.xml");[code]........
Is there a way to set up Http headers to Security.loadPolicyFile() function ??
Other question: Is there any danger when loading an external swf?
I'm doing a project based on youtube videos and BitmapData Draw method. It works fine inside flash authoring but when I upload it on a web server the draw method does not work due to security issues. I tried different methods like
ActionScript Code:
flash.system.Security.allowDomain("[URL]");
flash.system.Security.loadPolicyFile("[URL]");
Or this [URL] but it seems there's no way to make it work.
I don't understand Flash2004's Help about System.security.allowDomain().
View 1 Replieshow does it work?
Code:
var domain = "http://www.mydomain.com";
System.security.allowDomain(domain)
How to post variables to another domain. The other domain is a free cgi-bin service. So I cannot upload a shim movie there. That is, I need to post variables directly to a cgi script on the domain. Is it possible to do so?
View 5 RepliesI am connecting to a Java game server via an XMLSocket and serving the crossdomain.xml policy file via loadPolicyFile(). The problem is, the thing either works, or it doesn't Is there any way I can get any status information back from loadPolicyFile() ?file didn't load, file is invalid, anything. Is there a way to attach an onLoad handler to this? The documentation claims that this thing will wait for a response before it attempts any connections.
View 1 RepliesI have an SWF hosted on one server (let's say, url..),trying load data from a remote server (let's say,url...),in subdirectory /scripts /public/data.txt.In that subdirectory I have a file named crossdomain.xml, with the following content:
HTML Code:
<?xml version="1.0"?>
<cross-domain-policy>[code].....
Now this doesn't work. The SWF doesn't get access to data on that directory. It displays "undefined" instead of the expected value.
Notes:It does find the xml file.I know because when I try to load a file that doesn't exist it throws an error that says the file was not found.When the xml file is on the root directory (and there's no need to call the loadPolicyFile function),it works perfectly (displays the expected value),which means the xml file is fine.I thought maybe I need to wait for the loadPolicyFile to complete,but according to Adobe's help documents, all loading processes wait for the loadPolicyFile process to complete before rejecting a connection .Perhaps I used the loadPolicyFile function wrongly somehow,but I find it unlikely, since I copied the syntax from Adobe's help documents.
I have a swf one one server that is pulling content from an Amazon S3 server. I have set up, for now, a generic cross-domain policy to allow all domains access:[code]These seem to be playing nicely (for the most part) as my swf is loading json, xml, etc. files from the S3 server just fine now. What it's not doing right is loading swfs from the S3 server, when it tries to do that it throws this exception:[code]I assume this is because remote swfs could contain malicious executable code. Do I actually need to set the allowDomain to something or is there some other 'more correct' way of allowing my swf to load up other remote swfs?
View 1 RepliesI am getting a strange problem while I am making my release build swf.The swf is supposed to make some internal server calls and then display the data and also play it.When I make a release build swf and excute it, while making server calls it throws exceptions likeSecurityErrorHandler: [SecurityErrorEvent type="securityError" bubbles=falsecancelable=false eventPhase=2 text="Error #2170: Security sandbox violation:file:///Path to the swf/WebPlayer.swf cannot send HTTP headers to **Method Name to bring data from the server***]And after this nothing can be done as everything depends on the data from the server..I have updated my cross-domain.xml on the server to support the master-only policy file but that also didnt ..My cross-domain.xml is
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
[code]......
I haven't fully grasped how the flash security model works, and now I've ran into a problem. I have a base SWF that loads a game loader swf, which in turn loads the actual game.What I'm trying to do is taking a current bitmap snapshot of the running game. This works fine before the loader swf has loaded the game. When the game is loaded, I get a security violation because the game has images pulled from facebook. Is this something that can be solved on my end, or restricted by security in the game swf?
View 2 RepliesI got a textfile who i am reading on a serverside script and passing it as a script to my client side as3 code. The problem is that i am using characters like ä,ö,ü,ß and this isn't well displayed. I tried System.useCodePage but the compiler complains about : 1120: Access of undefined property 'System'. It doesnt matter if I tried this on the first line of the 'Action' in the first scene or in the first line of the first .as file i am loading. (btw i am only working with .as file and not in the timeline). When i am importing flash.System.* the compiler complains he dont know useCodePage.
View 3 Repliesi have a crossdomain.xml on my server. but it not in "/". and i use loadPolicyFile to load this crossdomain.xml.
Security.allowDomain("*")
Security.allowInsecureDomain("*");
Security.loadPolicyFile(AddressContext.getCurrentEnv().split("rest")[0]+"crossdomain.xml")
the PolicyFile's url is like this :[URL]and my restful webservices address is like this : [URL]crossdomain.xml include my flash's host url.the weird thing is flash still tried to load the [URL] like this first is right and response 200. the second response 400 .finally, the flash still told me SecrityError#2048
I'm having trouble with an AS3 AMF RemoteObject request that is hosted on App Engine. I have a crossdomain.xml file in the root of the domain, and also one at the remoting endpoint.Here are the contents of the root crossdomain.xml:
<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies ="all"/>[code].....
Loading the swf file and testing it on my machine works just fine... I think that may have something to do with me having the debugger version of Flash Player. When I push it up to App Engine to make it public, other clients access it and get a Client.Error.MessageSend Channel.Security.Error error Error #2048 url: http:[url].......I am using Flex 4 beta, and the App Engine Python runtime. I have tried full wildcard in the crossdomain, and even accessing the data endpoint at a relative URL so as to avoid this error.
My SWF resides on domain A, is loaded by a web site on domain B and is trying to ping URL (URLLoader.load) on domain C. But I am getting "#2048: Security sandbox violation" .. why? Of course I have read the manual, I saw the security white paper but I do not understand it. Don't you know any blog or such where it is explained for dummies? With lots of examples and maybe a table showing what is allowed and what is not?
View 2 RepliesIs it possible to make this a mask? The system contains one movieclip of a circle called ball, also a class called ball and a class called particle. I want the particle system movieclips to display an image...I'm sure this is possible...just have not been able to find a way. A little backround, I'm a completely selftaught n00b when it comes to AS3, but I'm grasping it fairly well... the tutorial is on this website, called A Simple Particle System Using Actionscript 3.
View 0 RepliesI get following error: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: [URL] cannot load data from 192.168.3.5:4854. at TicTacToe_fla::MainTimeline/TicTacToe_fla::frame1() ". I tryed to solve this problem about 3 hours, but I failed I have the file crossdomain.xml in the same folder like my .swf file on the server with this content:
[Code]...
this is the error I am having:
TypeError: Error #2007: Parameter listener must be non-null.at flash.events::EventDispatcher/removeEventListener()
at project1_fla::MainTimeline/btnName()
here is my code:
ActionScript Code:
import caurina.transitions.Tweener;
import caurina.transitions.properties.ColorShortcuts;[code]..........
Line 1 Frame 1:
[Code]...
I am trying to trace the results of my listener when the browser is resized...no avail. Are you able to see what I am doing wrong?
I am having a weird problem with scope/reference. I am using a loop to preload a number of thumbs in one go, I am creating a different listener for each one on the fly and then passing event handlers for each one of them. This should not be difficult using a loop, but somehow I cannot access the the parent object on my listener and therefore I can't do much with my thumbs after they are loaded.Here is the relevant segment of my code. myThumb_mc is a temporary variable that does not exist when the loop finishes, you can copy and paste this code to test it though. It should work to that extent. (you'll need an image1.jpg to be in the same directory)
Code:
var myThumb_mc = _root.createEmptyMovieClip("myThumb_mc", _root.getNextHighestDepth());
myThumb_mc.clipLoader = new MovieClipLoader();
myThumb_mc.clipLoader.loadClip("image1.jpg",myThumb_mc);[code].....
The code above works, but it does not look nice and it cannot be the right way of doing this. Long question short, how can I access the parent of a listener from a listener object? ._parent does not work.
This is something that tugs at my mind a lot so I figured I'd ask the community. If I have a class called MyParentWidget and it contains an instance of MyChildWidget with an instance name of myChildWidget then I will often do something like this:
[Code]....
I build a web site in flex that some time take input. Will this website works on Touch Screen environment(KIOSK).My question is we have to make any change to handle input such as prompt on screen keyboard when input fields are get focused or it will manage my device and OS of system(KIOSK, Touch screen system) itself.
View 2 RepliesI'm a designer considering creating a video project with Flash. I've read some of the security threads on the board, but they are way over my head. I will have a simple Flash file with text and a dozen imported FLV video files.If I use the "protect from import" option, will that keep the videos from being stolen from within the swf? Or, is that just a mediocre hurdle that can be easily overcome by someone wanting to dig into my file?
View 4 RepliesI read about security issues in using GetURL.Is this only with javascript? If I use the getURL to open a blank window where all the HTML and swf are on the same server are those pages and swfs safe from injection, etc? I'm working in Flash 8 with AS 2.0.
View 3 Repliesi wrote a flash script that is embedded into an html page. The flash script (AS3), needs access to the users microphone and camera. I've seen on other websites when they want to use my camera/ microphone flash automatically pops up a box asking the user to permit.
In my case, even though in my global settings for my webpage it says "always ask" under permissions, flash doesnt ask me anything and just blocks the script from accessing the microphone. The script loads fine, just doesnt prompt for access and the user has to manually right click, and go to settings and put setting to "allow".
Searching for this topic on google is rather difficult as there is too much irrelevant stuff with the same keywords.
Edit: This is how i embed just in case im not doing it right.
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,0,0,0" width="200" height="20" id="myflash" align="middle">
<param name="allowScriptAccess" value="always" />
[code].....