EasyManua.ls Logo

MACROMEDIA FLASH 8-LEARNING ACTIONSCRIPT 2.0 IN FLASH - Page 704

MACROMEDIA FLASH 8-LEARNING ACTIONSCRIPT 2.0 IN FLASH
830 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
704 Understanding Security
If the SWF file you are downloading comes from an HTTPS server, but the SWF file loading
it is on an HTTP server, you need to add the
secure="false" attribute to the <allow-
access-from>
tag, as shown in the following code:
<allow-access-from domain="www.foo.com" secure="false" />
A policy file that contains no <allow-access-from> tags has the same effect as not having a
policy on a server.
About custom policy file locations
Flash Player 7 (7.0.19.0) supports a method called System.security.loadPolicyFile.
This method lets you specify a custom location on a server where a cross-domain policy file
can be found, so it does not need to be in the root directory. Flash Player 7 (7.0.14.0) only
searched for policy files in the root location of a server, but it can be inconvenient for a site
administrator to place this file in the root directory. For more information on the
loadPolicyFile method and XMLSocket connections, see About XMLSocket policy files
on page 705 and
loadPolicyFile (security.loadPolicyFile method) in the
ActionScript 2.0 Language Reference.
If you use the
loadPolicyFile method, a site administrator can place the policy file in any
directory, as long as the SWF files that need to use the policy file call
loadPolicyFile to tell
Flash Player where the policy file is located. However, policy files not placed in the root
directory have a limited scope. The policy file allows access only to locations at or below its
own level in the servers hierarchy.
The
loadPolicyFile method is available only in Flash Player 7 (7.0.19.0) or later. Authors
of SWF files using the
loadPolicyFile method must do one of the following:
Require Flash Player 7 (7.0.19.0) or later.
Arrange for the site where the data is coming from to have a policy file in the default
location (the root directory) as well as in the nondefault location. Earlier versions of Flash
Player use the default location.
Otherwise, authors must create SWF files so a failure of a cross-domain loading operation is
implemented.
CAUTION
If your SWF file relies on loadPolicyFile, visitors with Flash Player 6 or earlier or Flash
Player 7 (7.0.19.0) or later do not have problems. However, visitors with Flash Player 7
(7.0.14.0) do not have support for
loadPolicyFile.

Table of Contents

Related product manuals