When I visit a site I built some time ago in IE, I get the message bar at the bottom of the browser pop up saying that the site wants to run Flash. This is fine, except for the fact that there is flash in the website whatsoever.
View 1 RepliesI mixed a.com and b.com in my original post, I'll try to rephrase stuff correctly:
A HTML page is loaded from a.com
The HTML embeds a Flash client from b.com
HTML contains a Javascript function that makes a connection to a.com, ie the origin of the HTML, not the origin of Flash
The Flash calls that Javascript function
Question: Do I need to have a crossdomain.xml in a.com?
I have a flash game. I've been trying to connect it to a php website that uses a mySql db. It works when I "test project" it from flash, however when I run it from a player/browser it raises errors about accessing a site. What setting need I ask from my users to set in their flash player - I have personally looked for the right settings and found nothing about approving sites. Is it possible that if both my game and my php site reside in the same base url - that is same server - that this error shall not appear? I really want to test this my self, but my server is a free server and doesn't allow me to upload certain files that are heavy.
View 1 RepliesI have a swf file in a php site. It is taking data from php-mysql with connecting to a php file in the database - in the hosting server. So if some user reaches my sfw file and use it in their own sites - how can I prevent them to use my php file and database. Which security step is related with such a problem....
View 5 RepliesMy SWF resides on domain A, is loaded by a web site on domain B and is trying to ping URL (URLLoader.load) on domain C. But I am getting "#2048: Security sandbox violation" .. why? Of course I have read the manual, I saw the security white paper but I do not understand it. Don't you know any blog or such where it is explained for dummies? With lots of examples and maybe a table showing what is allowed and what is not?
View 2 RepliesI get following error: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: [URL] cannot load data from 192.168.3.5:4854. at TicTacToe_fla::MainTimeline/TicTacToe_fla::frame1() ". I tryed to solve this problem about 3 hours, but I failed I have the file crossdomain.xml in the same folder like my .swf file on the server with this content:
[Code]...
i have made a site in flash. stage size 955x600 i have exported it as fullscreen with no scale. the problem is that if i browse the site with a resolution of 800x600 (760x420 if i'm not wrong), the browser dont' add scrolls and its impossible to see the complete site. How can i fix this without resizing the site. i want the users to see with the proportions that i have now.. ijust want a scroll on the browser.
View 2 RepliesI was wondering if its still necessary to build a html site aswell as a Flash Site? Or is there a definitive and failsafe way to incorporate html into my flash site? SEO is a very important factor for me. I read this article: url...by Geoff Sterns in 2006, resulting in the following[code]
View 4 RepliesA client of mine has had 2 sites (both Flash sites) attacked over the last 12 months, so he's been asking: should he go for a static HTML site or stick with a Flash site? Is there ways to make a Flash site more secure?
View 1 RepliesI am working on a existing Flash project (a Flash based game), where I need to integrate social login widget Gigya. I researched and finalized using Adobe Flash Platform Services Social. The problem is, I successfully integrated that in a test Flash file that I initially prepared. But when I integrate it in the source file of my actual Flash project, I get following error:[code]in my code, but it works in my initial test Flash (a minimal file with 2 frames and no extra components), but does not seem to be working for my actual game Flash.
View 2 RepliesI have some people making a site that uses PHP and mysql. You will be logging in first to the PHP site, but the Flash based component of it requires to use the same log in and password. Do they have to log in twice??????
View 1 Repliesi wrote a flash script that is embedded into an html page. The flash script (AS3), needs access to the users microphone and camera. I've seen on other websites when they want to use my camera/ microphone flash automatically pops up a box asking the user to permit.
In my case, even though in my global settings for my webpage it says "always ask" under permissions, flash doesnt ask me anything and just blocks the script from accessing the microphone. The script loads fine, just doesnt prompt for access and the user has to manually right click, and go to settings and put setting to "allow".
Searching for this topic on google is rather difficult as there is too much irrelevant stuff with the same keywords.
Edit: This is how i embed just in case im not doing it right.
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,0,0,0" width="200" height="20" id="myflash" align="middle">
<param name="allowScriptAccess" value="always" />
[code].....
I've got a Flash movie, loading data from an external URL. In fact, it's a RSS reader inside a banner.Everything works perfectly when the Flash movie and data URL are on the same domain. However, if the Flash movie is on another domain, Flash security kicks in.The manual says that I can allow a domain trough Security.AllowDomain()
system.Security.allowDomain("http://www.mydomain.abc/")
xmlData = new XML();
xmlData.ignoreWhite = true;
[code]....
I have a flash movie which loads some images dynamically, through hphp gateway files. It works fine accessing through [URL]but not through [URL] So it does not work without www.I am passing from HTML to Flash through params flashvars the path of the server, with www.
View 2 RepliesI am building a photography web site with flash and I found a really cool slide show extension plug in (www.slideshowpro.com) were can easily upload and update my portfolio slide shows.when I publish out to HTML, I test it in a browser and I get this warning when I click on the photography page.I read in adoby help and it said flash developers can allow communication between sites with this AS code Security. allowInsecure Domain ("nathan44. slideshowpro.com");so I added this code to my actions layer on the firs frame in "scene 1" and to the actions layer in the photography section. But nothing changed i still get this warning when ever I publish out to an HTML, when I just preview with control + enter i can view the sideshows fine.
View 4 RepliesI have build my entire website with flash and embedded several swf objects (slideshows) into it. everything always worked fine when I published it as swf movie.but now that I want to upload my website an error message occurs saying:Error #2044: Unhandled SecurityErrorEvent:. text=Error #2140: Security sandbox violation: file:///mylayout.swf cannot load file:///slideshow_1.swf. Local-with-filesystem and local-with-networking SWF files cannot load each other.I know that it has something to do with the fact that one of the swf is local with filesystem and the other local with networking. but in my publish settings i told it to access local files only.but i dont really know what your are talking about. i am hosting my website at besides that i have not uploaded it yet. i am just testing it offline.
View 2 RepliesHow to I get my security policy working? My parent swf parses an XML doc and loads 2 children. It throws a 2148 security error, and only works in the Flash IDE. PARENT SWF 'I put it at the top of my code. That seemed like the proper event flow' flash.system.Security.loadPolicyFile("crossdomain.xml"); I've referenced my security file from my swf. I Also published my parent swf as 'network only' and put all the crossdomain.xml and everything else in the same folder. I need to click on the animations and have them place from a local computer at a kiosk. POLICY FILE 'Used"*" since there's not URL, it's all local'
[Code]...
I usually organise tournaments on my site (flash based) and this time I have added a tournament in which users have to complete a jigsaw puzzle and the one who completes it in the least time wins some prize. As the jigsaw puzzle always produces random location, it is difficult for them to hack. They can't even directly download the game as it can't be downloaded using flash saver etc. But I want to know if they can make a program which completes the jigsaw puzzle automatically.Even time can't be hacked as I use time also tick on my server side so I match the time submitted by the game and the time stored in my server.
View 4 RepliesHow can I disable crossdomain.xml check when the executing swf has been loaded on localhost?
Error #2044: Unhandled SecurityErrorEvent:. text=Error #2048: Security sandbox violation: http://localhost:2541/xxx.swf cannot load data from http://www.com/xxx.swf.
I want to assign full trust to the HTML5 web application running locally. I want to disable any crossdomain checks.
Some external servers do not provide crossdomain.xml for their hosted SWF files.
I am running locally. I want to have full trust for debugging purposes.
How do I do that?
I will not consider AIR as it cannot be used from HTML5 application.
Adding the url "http://localhost:2541/xxx.swf" to "C:UsersArvoAppDataRoamingMacromediaFlash Player#SecurityFlashPlayerTrustu.cfg" did not help.
[URL]
Over the years I've become an uber-nerd when it comes to flash game development. Now I'm thinking about looking into using my skills for helping other game-developers out there.I want to develop an API in AS3 which will allow the developer to do (as a start) the following:Display a dialogue which lets the user log into their "account" (hosted on my site).Send a score/value to the website and attribute it to the logged in user.Unlock an achievement (achievements will be set up by the developer in the web interface - which is where they will also get a key of some type to use with their API.Display highscores, other players profiles in-game, etc (show basically any stats in-game).All easy enough to develop straight off the bat. However; where it becomes frustrating is security. I'm not expecting an indestructible solution that I'm fully aware isn't possible, but what would be the most defensive way to approach this? One thought I've had was converting my API to a component so there's no access to the code (unless you decompile). The problem here is it's just not friendly to the developers, though it would allow me to create my own graphics for the UI (rather than coding many, many sprites).Private/public keys wont work unless there is very good protection against decompiling.
View 3 RepliesI'm building a flash project that will be ran with a wrapper of some sort to give flash extra controls. The issue I'm running into is streaming video from a web domain while the .swf is located locally on the users computer. I'd rather not ask my clients to go into adobe's security sandbox and allow it them selves. Is there a way to auto allow a file to communication externally for streaming? I know an Adobe Air app named Ambience that streams mp3s. Anyone know how this can be accomplished?
View 1 RepliesI am using twilo client in one of my apps and it is showing following popup when I click on call buttonBut I want to show the following pop up which is lot simpler and seems less cumbersomeIs there a way to control which pop up comes on the screen? I have read some documentation of adobe but their configuration files live in users computer which ofcourse can not be changed by a website.
View 1 RepliesI'm working on a Site that uses Flash in conjunction with a PHP and MySQL. It is possible that someone could guess the variable names used in my PHP scripts and post bogus data to my data base.
I'm using a script to escape all of the data that goes to MySQL.
So, I'm pretty sure this is impossible, but is there any way to "re-skin" the box that pops up asking you if flash should be allowed access to your mic and webcam? I'd really love to make that box fit with the rest of the design of whatever I'm building.
Also, if I have several swfs that use the mic/webcam inside one larger shell swf, will the dialog box appear once for each of the sub-swfs, or just once for the large one, and those settings will be applied to all the sub-swfs?
I am writing a Flash site that needs to send the user to PayPal to pay to gain access to content on the site. The following is a test to send the user, along with the necessary data, to PayPal...
[Code]...
mp3 playback security with Flash player. I am making a mp3 player and don't want to give user access to download the mp3 files from server. But according to Flash player functionality, it's getting downloaded in cache. Also with Firbug user can see the mp3 file path.I would like to have any good suggestion for this development, without streaming server. Is it really possible to secure mp3 files with Flash player? If yes then please let me know your feedback for the same.
View 3 RepliesI am new to FlashPro CS5. I need to use it with SlideShowPro Director and the associated product 'ThumbGrid'.I followed the instructions and settings from SlideShow Pro but nothing happens when I publish. They say I need to go to the flash security settings panel and add my local folder as a trusted location to execute the files from.I cannot find the flash security settings panel
View 5 RepliesWe're trying to create an app for OpenPeak. The Flash app will act as a client to a Java server on another computer on another domain.The Flash app client connects via XMLSocket. The Java Server uses ServerSocket to receive a request and send back a message.In order to trust the server, the Flash client needs a socket master policy file to tell it that the server comes from a trustworthy domain. According to an article on Adobe, when a connection has succeeded, the Flash client automatically requests the cross-domain policy or socket master policy file on port 843.Still, even when we implement it according to the tutorials and recommendations we have read, the Flash client continues to throw the following security error:[code]We've tried logging the policy file request during testing to see if there was any call made to port 843. There was not.Interestingly, even without a policy file, the Flash client still manages to send the first data message to the server successfully. It's just when the server tries to send back a reply that the entire thing hangs for about 10 seconds before the security error above is displayed.
View 1 RepliesI am building a Audio Recording tool using Flash and Wowza. I dont want to start the recording until the use clicks the Allow Button is the Security Pop-up question represented here [URL] In Audio I dont get this until I attach the stream to it. In Video can get thsi question when I attach the camera to Video.
I want to avoid making a connection until the user clicks Accept and this doesn't happen until I make the connection request in Audio. I am able to display the [URL] pop-up using SecurityManager Is there a way I can call the pop-up from my code. [URL]
I've got Flash content that needs to run within a web page off a CD. It works fine if I change the security settings in the Flash Global Security settings screen but that can only be accessed online. So...an the security violation be overcome with a cross-domain XML on the local drive somehow?
View 2 Replies