I am trying to make an external interface call on widgets I am creating to get the domain for in/out of network stats.
[Code]...
From what I am reading an allowscriptaccess needs to be set to always, which I can't do because there isn't embed code that is sent to Facebook during a share so I don't have control over that.
I am trying to access JS functions of the container HTML code from the swf(using External Interface). But until I add the swf in Global Security Settings it doesn't work, even from localhost. My question is how to ensure that this problem doesn't come to users who access the site. If I have to build a crossdomain.xml what should be the content? I am not accessing different domains.[code]
View 2 RepliesI'm having trouble with an AS3 AMF RemoteObject request that is hosted on App Engine. I have a crossdomain.xml file in the root of the domain, and also one at the remoting endpoint.Here are the contents of the root crossdomain.xml:
<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies ="all"/>[code].....
Loading the swf file and testing it on my machine works just fine... I think that may have something to do with me having the debugger version of Flash Player. When I push it up to App Engine to make it public, other clients access it and get a Client.Error.MessageSend Channel.Security.Error error Error #2048 url: http:[url].......I am using Flex 4 beta, and the App Engine Python runtime. I have tried full wildcard in the crossdomain, and even accessing the data endpoint at a relative URL so as to avoid this error.
I get following error: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: [URL] cannot load data from 192.168.3.5:4854. at TicTacToe_fla::MainTimeline/TicTacToe_fla::frame1() ". I tryed to solve this problem about 3 hours, but I failed I have the file crossdomain.xml in the same folder like my .swf file on the server with this content:
[Code]...
I am trying to load a swf file which contains xml based image gallery on 25th frame of the timeline inside flash professional cs5.5 using actionscript 3. while doing so i'm getting this error "SecurityError: Error #2000: No active security context". Below is the as3 code:
stop();
import flash.net.URLRequest;
import flash.display.Loader;[code]........
I am getting a strange problem while I am making my release build swf.The swf is supposed to make some internal server calls and then display the data and also play it.When I make a release build swf and excute it, while making server calls it throws exceptions likeSecurityErrorHandler: [SecurityErrorEvent type="securityError" bubbles=falsecancelable=false eventPhase=2 text="Error #2170: Security sandbox violation:file:///Path to the swf/WebPlayer.swf cannot send HTTP headers to **Method Name to bring data from the server***]And after this nothing can be done as everything depends on the data from the server..I have updated my cross-domain.xml on the server to support the master-only policy file but that also didnt ..My cross-domain.xml is
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
[code]......
I'm using a PHP proxy script to load images from Facebook into Flash without any sandbox violations. It is taken from the guide here: [URL].. The relevant PHP code is:
[Code]...
The guide mentions that additional security measures are recommended for a real world application. What additional measures would be applicable to this? Maybe some kind of key passed from Flash to PHP?
I realise that there's nothing I can do to completely protect the Flash from being decompiled, but can I prevent the script from being used maliciously?
We've just developed a small Facebook puzzle that people win some gifts from our customer. I'd like to ask a few questions since I'm pretty stuck despite tried lots of things. First I'd like to write what we have and then will explain our problems.oot of application (/) checks for signed_request in POST params, extracts information from it to see if we've registered the logged in user into our database. This checks are also used to understand if the request is sent from Facebook or not to prevent requests coming outside of Facebook. (will write why we want this)Once the application is successfully rendered, Facebook JS API takes place, does its checks and sets the fbsr cookie. We use that cookie information while processing ajax requests to check if the request really belongs to the logged in user (e.g.: scores being sent for a user belong to the logged in user).
We implemented CSRF protection and another protection to check if the requests are POST and more specifically AJAX requests and return 40x if not.nd out that some people seem to take advantage of this bug.One way I thought of is to ignore all requests except coming from Facebook. Since the ajax requests are blocked (cross site) we should have been safe. However this leaded to another problem that, once we redirect users to e.g. leaderboard the signed_request data is lost and our index page returns 40x once the user tries to go back since our application thinks that the user tries to visit our application outside of Facebook.
I'm trying to display the profile images from both facebook and twitter. For facebook, the URLs I'm receiving are something like this (not actual urls):[URL]... Which is then redirected to the 'actual' url like this:[URL].. I'm also doing this with twitter, with the same issue (redirected url).
So, when I load the image, it loads fine. But when I close the container that the image is in, then I get the security sandbox violation. I can get this all to work if I add the URL from the 'actual' image url like this:
[Code]..
I use UrlLoader.load() in my flash app. And I'm handling UncaughtErrorEvent.UNCAUGHT_ERROR to stop the app when an uncaught exception occured. UrlLoader.load() works when you are connecting the internet normally. But if the connection to the internet was lost after your browser loaded the app, SecurityError happens when UrlLoader.load() is called. I can not catch the SecurityError by using try catch and UNCAUGHT_ERROR happens and it stops my app. I don't want to stop the app when UrlLoader.load() failed because I'm just using UrlLoader.load() to log some unimportant information.
And I think timeout error also can be ocurred if it takes a long time to load. And I also don't want to stop my app due to the time out error. How can I solve those problems? And are there more other type of errors which can be ocurred and stop my app?
I have an application that connects to a binary socket server running on port 2234. I use the python policy file server, which I downloaded from [URL], which runs on port 843. If the client app is trying to connect to a socket I can see that the server is receivng the request for a policy file and that it sends it to the client. However, in the client, I get a security sandbox error. How is this possible? And is it possible to check whether the client really received the policy file? BTW, here is my policy file:
<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" to-ports="*" /></cross-domain-policy>
I have created a crosdomain policy file, I have added code to my flex app, and I still get security sandbox violation...have I done something wrong? Here are my errors and file snippets:
Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://mysite.com/folder1/folder2/media/swf_demo.swf cannot load data from http://mysite.com/folder1/folder2/media/locXML.xml.
swf_demo.swf is my flex application
The following lines have been added to my flex application:
Security.allowDomain("mysite.com");
Security.allowDomain("www.mysite.com");
Security.allowDomain("http://mysite.com/folder1/folder2/media/locXML.xml");[code]..
When i am running my file locally it runs well but when it runs from a server, it throws an error
[Code]...
I googled a lot. I found a solution of cross domain policy funda but i am not clear with it. Anybody has ideas of getting rid of this problem..?
I am using in AS3 "External Interface ". When I call the JS function that is on the same page as swf everything works fine.
I added a link in the html page to an external JS file, when I move the JS function to the external JS file the website crushes.
I would prefer to have all my JS functions on an external file so I can use them in the future in other project and it also makes it easier for me to update the site.
how to call a JS function that is on an external file from AS3?
I'm currently building an application using the Adobe Facebook API and I've run into an issue where for the login method the Facebook login popup displays but when doing a Facebook share/post the popup is blocked.
This code works fine and displays me a Facebook login popup without question (Firefox):
var permissions:Array = ['publish_stream'];
Facebook.login( onFacebookLogin, { perms:permissions.join(',') } );
However, the following code running in the same application throws up a popup blocker (again Firefox):
Facebook.ui( "stream.publish", "popup", params );
Does anyone know of a work around this issue to make the share popup come up just like the login popup?
I am very new to flex, i have created a simple login page in flex and created a webproject in Eclipse having a jsp page. i have put that jsp page in tomcat webapps. Now when i run an application of login from FlashBuilder it runs fine as i have given the ip e.g [url]... and passing it as a url in HttpService and it worked fine. but when i put my login.swf file in webapps same in that folder where that jsp resides and un e.g [url]... it displays the page but when i click on the login button it gives me with this error "Security error accessing url"
View 2 RepliesI am getting an error with RegExp class at my flash document. I am using an Action Script 2.0 at my document. Is RegExp class is not supported in AS1/AS2 ?
My code is as follows
function validateEmailAddress(emailString:String):Boolean {
var myRegEx:RegExp = /(w|[_.-])+@((w|-)+.)+w{2,4}+/;
var myResult:Object = myRegEx.exec(emailString);
if(myResult == null) {return false;}return true;
} if(validateEmailAddress(email) == false) {
contacterror = "Error ! Please Enter Valid Email Address";}
If RegExp not supported in ActionScript 2.0 then how to validate email address at ActionScript 2.0 ?
here happened an error
error:
interface 'Sprite' could not be loaded.
var symb1:Sprite = new Sprite();
Im testing a program in FlashDevelop, which uses Flash player 10. Need externalInterface to work, but on running this simple test program, it displays "ExternalInterface is not available". How do I get ExternalInterface working? [URL]
<mx:Script>
<![CDATA[
import mx.controls.Alert;
private function init():void {
if (ExternalInterface.available) {
[Code] .....
By the way, this script shows "External Interface is available" when I run it in my browser. Its only when I run it in Flash Player 10, that it is not available.
I've got a SWF with buttons that are calling a javascript function using External Interface - specifically the Milkbox photo gallery. For various reasons, the page with the embedded SWF has to work online as well as being run from someones local machine. The online version runs fine on every OS/browser. However, I've run into a snag where, for some reason, the local version isn't firing the javascript on Win XP in any browser.Is there perhaps some snag with using External Interface locally on an XP machine, or is there something else at play here? FYI, no problems at all on Vista/any browser.
View 1 RepliesI am using loadVars to load an url from a txt file and then passing that to another loadVars.When I test the movie it gives me a security sandbox error,but if I type in the url by hand it works just fine.
PHP Code:
var url:String="";
var myData:LoadVars = new LoadVars();
myData.onLoad=function(){
[code]....
This gives a security sandBox error but if I remove url and type the url in directly it works fine.
I'm trying to integrate a Flex app with Google Checkout and code that runs fine on my local machine is throwing a Security Error when I test on my site.[code]...
View 2 RepliesWhen I try to request a token from Twitter:[code]The weird thing is that it doesn't happen when I run my App in Debug mode (from Flash Builder) it just happens when I call my application from localhot:3000 (as I'm using Rails)!
View 2 RepliesI am trying to access instagrams API with FLash, I keep getting a "Security sandbox violation: cannot load data from https:[url]....? client_id=...etc" but it works in the IDE. It is loading the cross domain policy file from https:[url]....and I have security allow [url]........ in the swf.
View 1 RepliesI am encountering a weird problem. I have a flex application that calls a HTTPService from another domain to retrieve some data. I have created a crossdomain.xml in my flex application with <allow-access-from domain="*"/>.
When i run my application http:[url]...., i can retrieve the data without error.But if i run my application http:[url]....., i encounter the Channel.Security.Error.
[code]Now, the above code works fine for some people using our software while others are experiencing the following error ( in faultHandler() ):[code Again, the error happens to some people and not for others.Have I missed something? Would it be a machine / browser specific problem? As a sanity check the above code works with the same .swf file in chrome, ie, firefox and safari.I have read about the crossdomain.xml and don't think that is the issue as YouTube have that defined.Finally, all users (intranet app) are using IE and the same version of flash.I have been pulling my hair out the past 2 days and asking the question over and over again "Why is it only happening for some users and not for other users?"
View 2 RepliesI had this error in a Flex Application that I couldn't figure out. Every time the app attempted to access the Web Service it returned the error Security Error Accessing URL.
View 1 RepliesI have a Flash-file, which I downloaded at a page. Now I am changing some things and this error is occuring: SecurityError #2000. The Flash-file loads an XML-file and in this XML-file, there are some paths to some picture files. All paths are valid and the pictures exists. When I changed the picture (and path), I get this SecurityError. My next idea was to replace the picture, but the path should be the original. When I did this, I got the old picture, not the new. I downloaded this Flash-file: [URL]
View 3 RepliesAny one know how to fix this problem? Security sandbox error #2070
View 1 RepliesI am trying to get started with AS3IsoLib by following in Flash CS5. I am following Lee Brimelow's Flex tutorial on but have run into a import problem. It is coming from inside AS3IsoLib. In the Node.as class, it is throwing 1046:Type was not found or was not a compile-time constant: INode.
ActionScriptas3isolibdataNode.as, Line 246 1046: Type was not found or was not a compile-time constant: INode.
ActionScriptas3isolibdataNode.as, Line 246 1120: Access of undefined property INode.
[code].....