What restrictions/workarounds are needed for third parties external swf

views:

195

answers:

What restrictions/workarounds are needed for third parties external swf

We are loading external swf content into an adobe air application. Content is provided by an increasing number of third parties.

Being third party content, it will be loaded in a separate security domain (trustContent=false) and a sibling app domain (loadForCompatibility=true). We are doing this using the Loader class.

What are the features/options/approaches that would cause problems when using the swf as external content?

I am interested in any kind of issues, as we have already reproduced issues with content that occur regardless of the app domain / security domain where its loaded ( and occurs also in both Loader and SWFLoader).

Any workarounds for the issues are highly appreciated, especially ones that can be applied from the main app.

One we already addressed:

Content outside of the external swf stage shows in the application, and when setting the size where it will be displayed the offstage elements are taken into account. Workaround: Add a mask on the main app so the external content is hidden. Use .content.width/height (full with offstage elements) and .content.loaderInfo.width/height (original stage size) to calculate how much to scale content so the original stage matches the visible area.

eglasius 2009-06-19 23:07:04

+1 A:

The big nasty problem (and one we've dealt with a lot!) is the fact that external SWFs simply can not be directly trusted. Ever. This makes communicating between them and the base AIR application difficult at best.

There is a hack around this based on loading the data of the SWF via a URLLoader and then taking the bytearray from it and pumping it into a Loader. However, I believe that hack was killed with AIR 1.5.1.

That being said, it is possible to communicate between the AIR app and the loaded SWF through what Adobe calls the sandbox bridge. However, setting up the sandbox bridge is a royal pain and any complex data (objects, even as simple as Arrays) get stripped down to generic objects on the other side of the bridge and can not be cast back to their original form.

For our recent projects that needed to use the bridge we created a specialty class called AIRBridge that you use on both sides of the bridge and it facilitates setting everything up properly. If you're interested, you can pull the current source from our Google Code project Automata-Tools.

Branden Hall 2009-06-20 05:07:39

Thx a lot Branden for the good info. This confirms what I had recently read about the air security model in the link posted in this answer: http://stackoverflow.com/questions/697155/is-there-an-way-to-load-external-swf-into-a-sandbox-in-flash/698079#698079. We are not currently doing any communication with the third party SWFs, but we will and I will definitely take a further look into that project when we get to it. Did u experience other type of issues with external content i.e. using the stage, root and similar properties? (read recently those can introduce issues - but not sure on it)

eglasius 2009-06-20 22:37:39

Yes, you have no access to the stage. Any attempt to access it will result in an exception. This also means that certain components won't work in the child swf. I know comobox is one offender, and I'd suspect any of them that do a "popup" of anyone would cause problems.Good luck and it was damn smart to ask here first - we had to discover these issues the painful way!

Branden Hall 2009-06-21 04:05:08

ansaurus

tags:

views:

answers:

What restrictions/workarounds are needed for third parties external swf

related questions