Table of Contents
Advertisement
In Flash Player 7, exact-domain matching rules are used by default. That is, the settings and
data for a file hosted at here.xyz.com are stored at here.xyz.com, the settings and data for a file
hosted at there.xyz.com are stored at there.xyz.com, and so on.
lets
System.exactSettings
you specify which rules to use. This property is supported for files published for Flash Player 6
or later. For files published for Flash Player 6, the default value is
, which means
false
superdomain matching rules are used. For files published for Flash Player 7 or 8, the default
value is
, which means exact-domain matching rules are used. If you use settings or
true
persistent local data and want to publish a Flash Player 6 SWF file for Flash Player 7 or 8, you
might need to set this value to
in the ported file. For more information, see
false
in the ActionScript 2.0 Language
exactSettings (System.exactSettings property)
Reference.
Cross-domain and subdomain access between SWF
files
When you develop a series of SWF files that communicate with each other online—for
example, when using
,
,
loadMovie()
MovieClip.loadMovie()
, or Local Connection objects—you might host the SWF
MovieClipLoader.LoadClip()
files in different domains or in different subdomains of a single superdomain.
In files published for Flash Player 5 or earlier, there were no restrictions on cross-domain or
subdomain access.
In files published for Flash Player 6, you could use the
LocalConnection.allowDomain
handler or
method to specify permitted cross-domain
System.security.allowDomain()
access (for example, to let a file at someSite.com be accessed by a file at someOtherSite.com),
and no command was needed to permit subdomain access (for example, a file at
www.someSite.com could be accessed by a file at store.someSite.com).
Files published for Flash Player 7 implement access between SWF files differently from earlier
versions in two ways. First, Flash Player 7 implements exact-domain matching rules instead of
superdomain matching rules. Therefore, the file being accessed (even if it is published for a
Flash Player version earlier than Flash Player 7) must explicitly permit cross-domain or
subdomain access; this topic is discussed in this section. Second, a file hosted at a site using a
secure protocol (HTTPS) must explicitly permit access from a file hosted at a site using an
insecure protocol (HTTP or FTP); this topic is discussed in the next section (see
"HTTP to
HTTPS protocol access between SWF files" on page
707).
You usually call
in your applications. However, when the
System.security.allowDomain
LocalConnection receiver is an HTTPS SWF file and the sender is not,
is called instead.
allowInsecureDomain
696
Understanding Security
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the FLASH 8-LEARNING ACTIONSCRIPT 2.0 IN FLASH and is the answer not in the manual?