1
votes

I'm building an swf player, it works fine for local swf files, but not when the swf tries to access external resources (rss). I figured out that Adobe AIR is blocking that access. Does anyone know if it's possible to bypass this security mechanism, maybe using a LoaderContext ?

I'm getting this message:

* Security Sandbox Violation * Connection to http://x.com/ halted - not permitted from file:///x.swf -- Untrusted local SWFs may not contact the Internet.

There's no way to me to create the crossdomain.xml on http://x.com/.

thanks,

3

3 Answers

1
votes

This behavior is by design to address a class of security vulnerabilities where flash movies access network resources from destinations that the end user did not authorize, possibly even without the end user's knowledge. You can either a) allow the user to give permission for the swf movie to operate outside the sandbox (usually a negative user experience) or b) proxy all requests to 3rd party servers through some kind of proxy mechanism on your site hosted on the same domain as the sfw movie (sneaky but it works).

0
votes

If it's for just your machine, you can do the follwing:

  1. Open your SWF file in the flash player
  2. Right-click on the stage, and go to Flash Player's Global Security Settings
  3. Click on "Edit Locations..."
  4. Click on "Add Location..."
  5. Under "Trust this location" enter the URL of the RSS file you want your flash to access.
  6. Click confirm and re-run your SWF. Should work, but only for your PC.
0
votes

it also comes this global configuration panel you speak. Configuration window that I get, speaking on microphone, camera, etc..