I think it can only access the network but not local file system, but from internet some people said it can in the newest version, can anybody confirm? It can reach arbitrarily file or just a specific location?
Thanks. Bin
+1
A:
In general, an SWF from a web-server cannot read files from the client machine. But it can upload user-selected files from the client machine to the server. An operating-system specific dialog box prompts the user to select the file to be uploaded to the server. Hence Flash cannot read any file it wants, only those that are explicitly permitted by the user.
Before Flash player 10, the SWF didn't have direct access to the contents of the file being uploaded - all it did was act as an interface to select the file and send it to the server. The only way to get its contents was to send it back from the server to the SWF using URLLoader.
However starting from FP10, the FileReference class has load() method that allows you to load the user selected file directly to the SWF, instead of passing it through the server.
Similar rules apply to downloading - files can be saved into user's machine only with their permission and at the location and name specified by the user. Before FP10, you could only download a file from the server to the client - if you had to save some image created using your SWF to the client machine, you had to send it to the server and then prompt user to download it. Starting from FP10, you can write the data directly from SWF (with permission from the user, of course).
In addition to these, an SWF can store SharedObjects in the client machine which is analogous to the browser cookies. Storing shared objects doesn't involve any dialog boxes or permissions from the user. The following is quoted from the livedocs page linked to above.
Local shared objects have some limitations that are important to consider as you design your application. Sometimes SWF files may not be allowed to write local shared objects, and sometimes the data stored in local shared objects can be deleted without your knowledge. Flash Player users can manage the disk space that is available to individual domains or to all domains. When users decrease the amount of disk space available, some local shared objects may be deleted. Flash Player users also have privacy controls that can prevent third-party domains (domains other than the domain in the current browser address bar) from reading or writing local shared objects.
Amarghosh
2009-11-28 07:06:55
+1
A:
Flash player has a security mechanism called sanbox which protects the user local files, as a user you do not want a flash script to have access to your private files.
There are 2 ways which you can gain access to these files : 1) the user grants flash player access to a certain folder ( right click on the flash player -> settings -> advanced -> security ) 2) use adobe air which wraps the flash player with an executable bridge enabling access to the file system -> this will not be a web application but a program installed by the user.
Flash has a file uploader that might help you allowing users to manualy load files to your program if that helps
Eran
2009-11-28 07:10:08