In case you need a definitive answer – Check out the Adobe Flash Cross-domain policy file specification
Tag Archives: Flash Player Security
Its all here, a great article Senocular on Content Domains
Ok so now i’m confused… I’m working on a pure actionscript project in Flex 3 whereby i’m using an RSL (Runtime Shared Library) which contains some visual assets either as graphic only or as a functioning class with associated graphic. I want to test my RSL is loading ok from within Flex IDE but it always gives me a security sandbox error unless i test from a remote server… fair enough (if a little bit annoying). Surely there’s a better way to do this during development…answers on a postcard please!
What i really would like from all this is to be able to find out what the difference is between “Standalone”, “External”, “Plugin” & “ActiveX” player types and how each of these affects the current sandbox. Is “External” a Flash IDE only type? I ask because i can never get this type of player when using Flex. In Flex i can only ever get “Standalone” or “Plugin”/”ActiveX” (if using an html wrapper). Yet if i publish the same source using Flash CS4 i always get “External”. If i can get “External” in Flex does it grant access to remote data, rsl’s etc and allow a local swf any more abilities over a “Standalone” version?
I spent ages yesterday trying to find examples and info about this but nothing i discovered completely answered my question. Every single example of loading and accessing an RSL used a relative (local) path to the loading swf. In the end i did manage to get my RSL to load from a different domain but like i said my main swf has to be served remotely otherwise in the Flex IDE i get:
Error #2142: Security sandbox violation: local SWF files cannot use the LoaderContext.securityDomain property. file:///C:/Documents and Settings/USER/My Documents/Flex Builder 3//bin-debug/DocumentClass.swf was attempting to load http://www.mysite.com/shiz/SharedAsset.swf.
If anyone has experience using this sort of setup please help…