MACROMEDIA FLEX-FLEX ACTIONSCRIPT LANGUAGE Reference page 443

Parameters
A string; the URL where the cross-domain policy file to be loaded is located.
url
Returns
Nothing.
Description
Method; loads a cross-domain policy file from a location specified by the
Player uses policy files as a permission mechanism to permit Flash movies to load data from
servers other than their own.
Flash Player 7.0.14.0 looked for policy files in only one location: /crossdomain.xml on the server
to which a data-loading request was being made. For an XMLSocket connection attempt, Flash
Player 7.0.14.0 looked for /crossdomain.xml on an HTTP server on port 80 in the subdomain to
which the XMLSocket connection attempt was being made. Flash Player 7.0.14.0 (and all earlier
players) also restricted XMLSocket connections to ports 1024 and higher.
With the addition of
policy files from arbitrary locations, as shown in the following example:
System.security.loadPolicyFile("http://foo.com/sub/dir/pf.xml");
This causes Flash Player to retrieve a policy file from the specified URL. Any permissions granted
by the policy file at that location will apply to all content at the same level or lower in the virtual
directory hierarchy of the server. The following code continues the previous example:
loadVariables("http://foo.com/sub/dir/vars.txt") // allowed
loadVariables("http://foo.com/sub/dir/deep/vars2.txt") // allowed
loadVariables("http://foo.com/elsewhere/vars3.txt") // not allowed
You can load any number of policy files using
that requires a policy file, Flash Player always waits for the completion of any policy file
downloads before denying a request. As a final fallback, if no policy file specified with
loadPolicyFile()
/crossdomain.xml.
Using the
xmlsocket
directly from an XMLSocket server, as shown in the following example:
System.security.loadPolicyFile("xmlsocket://foo.com:414");
This causes Flash Player to attempt to retrieve a policy file from the specified host and port. Any
port can be used, not only ports 1024 and higher. Upon establishing a connection with the
specified port, Flash Player transmits
XMLSocket server can be configured to serve both policy files and normal XMLSocket
connections over the same port, in which case the server should wait for
before transmitting a policy file. A server can also be set up to serve policy files over a
request/>
separate port from normal connections, in which case it can send a policy file as soon as a
connection is established on the dedicated policy file port. The server must send a null byte to
terminate a policy file, and may thereafter close the connection; if the server does not close the
connection, Flash Player will do so upon receiving the terminating
System.security.loadPolicyFile()
authorizes a request, Flash Player consults the original default location,
protocol along with a specific port number, lets you retrieve policy files
<cross-domain-request/>
, Flash Player 7.0.19.0 can load
. When considering a request
loadPolicyFile()
, terminated by a
null
System.security.loadPolicyFile()
parameter. Flash
url
byte. An
null
<cross-domain-
byte.
443