I have a flash file developed with Flex/ActionScript and put it on www.domainA.com
How can I prevent others to download my flash (*.swf) and to embed it in other web site (e.g. www.domainX.com) ?
I can hard code it by checking if "loaderinfo.url" is the same as www.domainA.com, but it seems not a clever solution.
can policy file be useful (e.g. crossdomain.xml) and with Security.loadPolicy(...)?
There are many ways to to this. Esiest one you already did it: - hardcode your domain in the flash app and check for it - put a custom policy file on your website and do not put a crossdomain file (it means you can load it locally, but it can't be loaded from other websites) - play with flashvars and local files
An swf movie is like a jpeg file, it works anywhere. Someone really really clever could just find out the way you use to prevent it's functionalities. I think after all hard-coding the url it should come from and check for it is the best solution, especially if then you encrypt the swf file using something such as amayeta flash encrypt...
I hope it helped... P