I have a swf file in a php site. It is taking data from php-mysql with connecting to a php file in the database - in the hosting server. So if some user reaches my sfw file and use it in their own sites - how can I prevent them to use my php file and database. Which security step is related with such a problem....
View 5 Replies
I mixed a.com and b.com in my original post, I'll try to rephrase stuff correctly:
A HTML page is loaded from a.com
The HTML embeds a Flash client from b.com
HTML contains a Javascript function that makes a connection to a.com, ie the origin of the HTML, not the origin of Flash
The Flash calls that Javascript function
Question: Do I need to have a crossdomain.xml in a.com?
I have a flash game. I've been trying to connect it to a php website that uses a mySql db. It works when I "test project" it from flash, however when I run it from a player/browser it raises errors about accessing a site. What setting need I ask from my users to set in their flash player - I have personally looked for the right settings and found nothing about approving sites. Is it possible that if both my game and my php site reside in the same base url - that is same server - that this error shall not appear? I really want to test this my self, but my server is a free server and doesn't allow me to upload certain files that are heavy.
View 1 RepliesWhen I visit a site I built some time ago in IE, I get the message bar at the bottom of the browser pop up saying that the site wants to run Flash. This is fine, except for the fact that there is flash in the website whatsoever.
View 1 RepliesI have an XML file that my .swf opens and reads from my server. I actually have the .swf call a php file that builds the xml output which works fine. My question is, is it possible for anyone that can see my .swf project on their browser get the path to the php file that it calls?
Can I use POST in actionscript instead of GET when getting a url so I could hide the variables sent?
Is there a header or something that flash sends that I catch with my php file? So i can tell if flash is calling it, or if some user is just directly going to the file to get the information. Or if all else fails, can I have flash create a file on my server that when I call my php file it first checks to see if that file holds the right data before spitting out the xml. When other people link to my flash file on their server, it seems this method might still work seeing as it's my servers flash .swf being called.
I am getting a strange problem while I am making my release build swf.The swf is supposed to make some internal server calls and then display the data and also play it.When I make a release build swf and excute it, while making server calls it throws exceptions likeSecurityErrorHandler: [SecurityErrorEvent type="securityError" bubbles=falsecancelable=false eventPhase=2 text="Error #2170: Security sandbox violation:file:///Path to the swf/WebPlayer.swf cannot send HTTP headers to **Method Name to bring data from the server***]And after this nothing can be done as everything depends on the data from the server..I have updated my cross-domain.xml on the server to support the master-only policy file but that also didnt ..My cross-domain.xml is
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
[code]......
I haven't fully grasped how the flash security model works, and now I've ran into a problem. I have a base SWF that loads a game loader swf, which in turn loads the actual game.What I'm trying to do is taking a current bitmap snapshot of the running game. This works fine before the loader swf has loaded the game. When the game is loaded, I get a security violation because the game has images pulled from facebook. Is this something that can be solved on my end, or restricted by security in the game swf?
View 2 RepliesI have a function (shown below) to play an external swf file within the middle of my fla file. I have buttons to navigate forward and back. I'm getting Security Sandbox Violation. How do I correct this? I do not know how to stop the image from appearing on the screen once you get to the point in the timeline where the video is. I do get my forward/back navigation buttons but once I use them to advance in the timeline, I continue to get the image found in the swf file. I've attempted the gotoandplay method to get me to the specific label areas, but I continue to get the image from the swf file. What would I use to make this image disappear from the background?
Code:
var CDCloader:Loader = new Loader();
CDCloader.load(new URLRequest("[URL]"));
addChild(CDCloader);
var params = {};
params.allowscriptaccess = "always";
params.menu = false;
stop();
play();
I am using the XML/MX/Syndication libraires and getting a Security Error #2048 error. The error seems unreasonable to me in that there is no forward solution to it on the Internet. I have tried hardcoding security methods in AS 3 and also using a crossdmain.xml file in my root directory to no success. I am about to give up and use pure PHP. There should be a more simple solution to this.
View 11 RepliesI've been reading about the security restrictions for file uploads in Flash Player 10.According to the FileReference docs for upload(), the upload does not have to be triggered by a user-initiated action (the browse() does, but that's another story). If it did, that would force an awkward user experience for multi-file uploads, since only one upload can occur at once -- so the user would have to click (or press a button) once per file to initiate the upload, but only when the previous file had finished uploading.
[Code]...
what's wrong with this picture? Why is this security error happening? Is there something I need to change with my crossdomain.xml file?
[Code]...
When using the fileReference.download method to let users download content from my server. Some users get a Security error when trying to downlaod. When studying the fileReference class it says: To avoid this situation, reclassify this SWF file as local-with-networking or trusted. But how do I do that? Do I import the security class and then set secrurity to:
Security.LOCAL_WITH_NETWORK;
If yes. Should I do that in my base class or the class that is "creating the error"? Or should I change the Local playback security to "Access network only" (I am using the cs3 flash)?
i'm trying to integrate with a plain http service which has both http/https flavors available for consumption. sadly they never thought of a flash client consuming these services and it will take another 6 months to roll a crossdomain xml policy file on their service (there security team has to approve the process, pm team has to include it in their roadmap and blah blah). i've already implemented the flash client which works fine from a flash ide security sandbox. is it possible to get around this crossdomain policy requirement.
my flash file will always be hosted as [URL] and i will be communicating with [URL]. i'm saying [URL] because they do some loadbalancing at the backend and allocate random servers on connection (which is fine from their server side design perspective). I tried putting following two lines in the constructor of my movie clip, but couldn't pass through the security sandbox error:
I want to distribute an SWF file to be run on computers, not the internet.However, I want to be able to access the internet through a link controlled by a button.This used to work, now I get a security warning telling me I need to change the settings on my computer.For obvious reasons I don't want to make every person who runs the swf file to have to do that!Under Windows I can create an EXE file that does not create the security warning, but on the Mac that won't help.
View 2 RepliesI'm using as3httpclientlib to post data to my web service, but I'm continually getting the following security violation. Does anyone know how to resolve this? My crossdomain.xml file is below the security violation notice. NOTE: I'm using apache to proxy requests to the web service, therefore the target url/port and the url/port serving the applet are the same -- [URL] Also, the rossdomain.xml file is located in the root of the web app which serves the applet rather the web service; however, since the requests are proxied the url for the file is [URL]
[Code]...
I have two Flash files: pre-loader and application.
Pre-loader: (D:ProjectsFlashAppsddedd.fla) is doing basically this:
var mRequest:URLRequest = new URLRequest("http://localhost/flash/dd.swf");
mLoader.load(mRequest);
}
Application file: (D:ProjectsFlashAppsdddd.fla) is the real application and among other things is doing this:
_loader.load(_request); //where _request = "assets/html/style.css".
When debugging the pre-loader, at this point I am getting an error which says:
SecurityError: Error #2148 File SWF http://localhost/flash/dd.swf cannot access local resource file:///D|/Projects/FlashApps/dd/assets/html/style.css.
The application must be loaded by the pre-loader, it won't start when called directly. But apparently, the security settings are preventing such duo from being possible to debug. Normally when it is on a remote server, it is working ok.
What I have done so far to resolve it:
Added crossdomain.xml to my local i:xampphtdocs folder:
> <?xml version="1.0"?>
> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
[Code]....
Set File > Publish Settings -> Local Playback Security -> "Use local files only" in both files. It didn't work, so I set it to "Use network only" Also didn't work.
What else can be done to be able to debug these Flash files locally?
Last few months I experienced lot pain of due to Flash Player 9 version 3 (I thought that 9 is version no.).
Last thing is new socket policy files and all the new security "improvements". We finally forced sockets to works, to:[URL]..
[Code]...
How I can wrap socket class and avoid <policy-file-request/>?
I'm having some trouble getting around a security restriction of flex. Saving a file is apparently an action that can only be invoked upon user interaction. The problem is that after my user clicks on the save button, I need to perform a database query to get the data for the file I want to save.
Because Flex works asynchronous, I have to make the database call and then catch the ResultEvent in a different function. In that function, I no longer have the user's mouseclick event. How am I then supposed to save this file?
[Code]...
I'm having trouble with an AS3 AMF RemoteObject request that is hosted on App Engine. I have a crossdomain.xml file in the root of the domain, and also one at the remoting endpoint.Here are the contents of the root crossdomain.xml:
<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies ="all"/>[code].....
Loading the swf file and testing it on my machine works just fine... I think that may have something to do with me having the debugger version of Flash Player. When I push it up to App Engine to make it public, other clients access it and get a Client.Error.MessageSend Channel.Security.Error error Error #2048 url: http:[url].......I am using Flex 4 beta, and the App Engine Python runtime. I have tried full wildcard in the crossdomain, and even accessing the data endpoint at a relative URL so as to avoid this error.
I am trying to load a swf file which contains xml based image gallery on 25th frame of the timeline inside flash professional cs5.5 using actionscript 3. while doing so i'm getting this error "SecurityError: Error #2000: No active security context". Below is the as3 code:
stop();
import flash.net.URLRequest;
import flash.display.Loader;[code]........
This is my code and i want to place an external swf file for my flex application website. This is my code:
var loader:Loader = new Loader();
var url:URLRequest = new URLRequest("http://www.my site.com");
loader.load(url);
addChild(loader);
My SWF resides on domain A, is loaded by a web site on domain B and is trying to ping URL (URLLoader.load) on domain C. But I am getting "#2048: Security sandbox violation" .. why? Of course I have read the manual, I saw the security white paper but I do not understand it. Don't you know any blog or such where it is explained for dummies? With lots of examples and maybe a table showing what is allowed and what is not?
View 2 RepliesA client of mine have requested a flash logo on their homepage. I have designed one and added the code as I think it should look. But is is not appearing.[URL]
View 1 RepliesI'm trying to embed a .flv file in my site. I encoded it from a PAL .avi using FLME CS4 at the preset values for 'FLV - web small', although I've tried a ton of different sizes, framerates, bitrates, and keyframe distances.However I do it, the video plays nice and smooth in any offline player (WMP, Adobe Media Player, VLC, RealPlayer). Then I embed it into the site with Dreamweaver and preview it in IE8, Firefox and Chrome.
Firefox and Chrome play it beautifully, and IE8 is jittery, jerky and stuttery. It's not horrendous, but it looks like it's running at 12-18 fps instead of 25, and it's noticeable, and it doesn't look natural. Once it's embedded in the HTML it plays the same whether I'm previewing it through Dreamweaver with the .flv on my PC, or I'm getting it off the internet (look for yourself at my 'test' video at [URL] make it play as smoothly in IE8 as it does in the other browsers?
I created a swf that I have on my website. The swf loads xml data. it works fine when I test it locally. But when I upload it to the server, I get a IOErrorEvent().[code]How can I figure out what is causing this error? Driving me crazy...been up from 9am - 5am trying to create this header for the site and now I'm stuck on an XML load error...
Correcting the comment tags fixed my xml loading problem.I then was faced with the images within the xml file not displaying on the screen. When I went to www.mysite/media/myFlash.swf, the images loaded perfectly; however, when i went to www.mysite.com where the 'myflash.swf' was in a the images threw another error.I corrected this issue by changing the file path in the xml...instead of acquainted.jpg I changed it to media/ specials/ acquainted.jpg.
I get following error: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: [URL] cannot load data from 192.168.3.5:4854. at TicTacToe_fla::MainTimeline/TicTacToe_fla::frame1() ". I tryed to solve this problem about 3 hours, but I failed I have the file crossdomain.xml in the same folder like my .swf file on the server with this content:
[Code]...
Basically I created a flash site and uploaded it onto the server provider the client chose using cute ftp. That's all fine but now they want to add a link enabling the viewer to download a PDF straight to their desktop. As I can't upload a PDF file to the Flash library, was wondering if anyone had any tips on creating this function?
View 2 RepliesIs it possible to link to a spacific "page" within a flash site much like you can do with a html web site? I want to be able to link to a spacific swf page within my site without going through the entire site to get to the "page" how do I do this using actionscript 2.0
View 2 RepliesI'm trying to embed a swf file on a site. Here a link to the file on a page that works. Example Problem is, I need to place it on a different site (we have two servers) and it's not working once I link to the file on the other server. Below is the code. I've highlighted the part that I changed.
[Code]...
I recently add two flash (.swf) file in to my web-site of selling ink for cartridges, But it seems they are not well embed in the posistion of the web-site front page.
View 8 Replies
