tags:

views:

2511

answers:

3
+2  Q: 

How do I call a Flex SWF from a remote domain using Flash (AS3) ?

I have a Flex swf hosted at http://www.a.com/a.swf. I have a flash code on another doamin that tries loading the SWF:

_loader = new Loader(); var req:URLRequest = new URLRequest("http://services.nuconomy.com/n.swf"); _loader.contentLoaderInfo.addEventListener(Event.COMPLETE,onLoaderFinish); _loader.load(req);

On the onLoaderFinish event I try to load classes from the remote SWF and create them: _loader.contentLoaderInfo.applicationDomain.getDefinition("someClassName") as Class

When this code runs I get the following exception SecurityError: Error #2119: Security sandbox violation: caller http://localhost.service:1234/flashTest/Main.swf cannot access LoaderInfo.applicationDomain owned by http://www.b.com/b.swf. at flash.display::LoaderInfo/get applicationDomain() at NuconomyLoader/onLoaderFinish()

Is there any way to get this code working?

A: 

Mayhaps System.Security.allowDomain is what you need?

Rytmis  2008-08-18 09:36:26
+5  A: 

This is all described in The Adobe Flex 3 Programming ActionScript 3 PDF on page 550 (Chapter 27: Flash Player Security / Cross-scripting):

If two SWF files written with ActionScript 3.0 are served from different domains—for example, http://siteA.com/swfA.swf and http://siteB.com/swfB.swf—then, by default, Flash Player does not allow swfA.swf to script swfB.swf, nor swfB.swf to script swfA.swf. A SWF file gives permission to SWF files from other domains by calling Security.allowDomain(). By calling Security.allowDomain("siteA.com"), swfB.swf gives SWF files from siteA.com permission to script it.

It goes on in some more detail, with diagrams and all.

Theo  2008-08-18 09:59:50
+2  A: 

You'll need a crossdomain.xml policy file on the server that has the file you load, it should look a something like this:

<?xml version="1.0"?>
<!-- <http://www.foo.com/crossdomain.xml&gt; -->
<cross-domain-policy>
  <allow-access-from domain="www.friendOfFoo.com" />
  <allow-access-from domain="*.foo.com" />
  <allow-access-from domain="105.216.0.40" />
</cross-domain-policy>

Put it as crossdomain.xml in the root of the domain you're loading from.

Also you need to set the loader to read this file as such:

var loaderContext:LoaderContext = new LoaderContext();
loaderContext.checkPolicyFile = true;

var loader:Loader = new Loader();
loader.contentLoaderInfo.addEventListener( Event.COMPLETE, onComplete );
loader.load( new URLRequest( "http://my.domain.com/image.png" ), loaderContext );

code sample yoinked from http://blog.log2e.com/2008/08/15/when-a-cross-domain-policy-file-is-not-enough/

grapefrukt  2008-08-18 10:03:36

related questions

Silverlight vs Flex
Executing JavaScript from Flex: Is this javascript function dangerous?
How To Get Label Of Combobox to Fade In Flex
How do I change the title bar icon in Adobe AIR?
Flex: does painless programmatic data binding exist?
SoapException: Root element is missing occurs when .NET web service called from Flex
Any recommendations for in-depth Flex training?
How do I restyle an Adobe Flex Accordion to include a button in each canvas header?
Deleting / Replacing A Node in E4X (AS3 - Flex)
How can I "unaccept" a drag in Flex?
Printing Flex components in FireFox 3
Is it possible to add behavior to a non-dynamic ActionScript 3 class without inheriting the class?
How do I get rid of the "multiple describeType entries" warning?
Open local file with AIR / Flex
Flex / Air obfuscation
Adobe Flex component events
Can you access the windows registry from Adobe Air?
Actionscript 3 - Fastest way to parse yyyy-mm-dd hh:mm:ss to a Date object?
Adobe Air - Using multiple SQLite databases at once
How can I unit test Flex applications from within the IDE or a build script?
Best way to learn Flash?
Get the current logged in OS user in Adobe Air
Adobe air - SQLStatement.execute() - Multiple queries in one statement
Unloading a ByteArray in Actionscript 3.