Table of Contents
Advertisement
The following issue affects only SWF files published for Flash Player 7. When the receiver is
HTTPS, and the sender is a local SWF file,
allowInsecureDomain()
LocalConnection receiver is Flash Player 8, and the sender is a local file,
allowInsecureDomain()
Files that run in Flash Player 8 are subject to changes from how they run in Flash Player 7.
Calling
System.security.allowDomain
SWF file being accessed is the one that called
words, a SWF file that calls
itself. In previous versions, calling
operations where the SWF file being accessed could be any SWF file in the same domain as
the one that called
System.security.allowDomain
of the calling SWF file.
Support has been added for the wildcard (
and
System.security.allowInsecureDomain("*")
scripting operations where the accessing file is any file and can be loaded from any location
(such as global permission). Wildcard permissions can be useful, but they must adhere to the
new local file security rules in Flash Player 8. Specifically, local files do not come from a
domain, so the wildcard value must be used. However, use caution when using the wildcard
value because any domain has access to your file. For more information, see
allowInsecureDomain (security.allowInsecureDomain method)
You might encounter a situation when you load a child SWF file from a different domain
than the one calling it. You might want to allow that file to script the parent SWF file, but
you don't know the final domain from which the child SWF file will come. This situation can
happen, for example, when you use load-balancing redirects or third-party servers. In this
situation, you can use the
example, if you load a SWF file into
System.security.allowDomain(my_mc._url)
file in
begins loading because the
my_mc
yet. To determine when a child SWF file has started to load, use
MovieClipLoader.onLoadStart
allowDomain()
should be called. However, in Flash Player 8, when an HTTPS
is called.
permits cross-scripting operations only where the
System.security.allowDomain
System.security.allowDomain
System.security.allowDomain
) value to
*
property as an argument to this method. For
MovieClip._url
, you can call
my_mc
property does not have its final, correct value
_url
.
About domains, cross-domain security, and SWF files
is called, even though
now permits access only to
permitted cross-scripting
. Doing so opened up the entire domain
System.security.allowDomain("*")
. The wildcard (
. If you do this, you must wait until the SWF
. In other
) value permits cross-
*
.
697
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the FLASH 8-LEARNING ACTIONSCRIPT 2.0 IN FLASH and is the answer not in the manual?