Http To Https Protocol Access Between Swf Files - MACROMEDIA FLASH 8-LEARNING ACTIONSCRIPT 2.0 IN FLASH Manual

HTTP to HTTPS protocol access
between SWF files
You must use an
allowDomain
accessed by a SWF file in another domain. However, if the SWF file being accessed is hosted
at a site that uses a secure protocol (HTTPS), the
permit access from a SWF file hosted at a site that uses an insecure protocol. To permit such
access, you must use the
System.security.allowInsecureDomain()
protocol access between SWF files" on page 707
Allowing HTTP to HTTPS protocol access between
SWF files
In addition to the exact-domain matching rules, you must explicitly permit files hosted at sites
using a secure protocol (HTTPS) to be accessed by files hosted at sites using an insecure
protocol. Depending on whether the called file is published for Flash Player 6, 7, or 8, you
must implement either one of the
subdomain access between SWF files" on page
LocalConnection.allowInsecure Domain
System.security.allowInsecureDomain()
For example, if the SWF file at https://www.someSite.com/data.swf must allow access by
a SWF file at http://www.someSite.com, the following code added to data.swf allows
this access:
// Within data.swf
System.security.allowInsecureDomain("www.someSite.com");
my_lc.allowInsecureDomain = function(sendingDomain:String):Boolean {
return (sendingDomain == "www.someSite.com");
};
Implementing an
the HTTPS protocol. You should make these changes only if you can't reorganize your
site so that all SWF files are served from the HTTPS protocol.
handler or method to permit a SWF file in one domain to be
LocalConnection.allowInsecure Domain()
allowDomain
allowInsecureDomain()

HTTP to HTTPS protocol access between SWF files

handler or method doesn't
allowDomain
statements. See "Allowing HTTP to HTTPS
for more information.
statements (see "Cross-domain and
696), or use the
or
statements.
statement compromises the security offered by
or
707