Thanks a lot Tom, that was just what I was looking for.
It looks like in Flash Player 9, if you want to load *and* manipulate an image (or even a sound) from another domain you have to be able to have access to that domain and be able to put a crossdomain policy file on that server. The weird thing is that you can load an image from any server without the need for a crossdomain policy file, but you can't use BitmapData.draw() unless you have a policy file. Also, you can load an mp3 from any other server but you can't access the mp3's id3 information without a policy file on the other server. What madness is this!? What's the reasoning behind this? Surely it can't be to do with potential 'hackers' because to get around the problem you only have to create a proxy script: http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=50c96388 which any potential hacker would be able to knock up in no time. But for developers, having to create a proxy script means the data has to be redirected via your server and you have to pay for the bandwidth that uses up. I really don't understand why Flash 8 and 9 have this security feature as I don't see what extra security it provides apart from annoying developers. Paul. On 21/07/06, Tom Lee <[EMAIL PROTECTED]> wrote:
Paul, I believe the policy file being referred to is the crossdomain.xml file. Here's a technote for you on the subject, in case you're not familiar: http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_14213. After you get up to speed on cross-domain policy files, you'll want to check out http://livedocs.macromedia.com/labs/as3preview/langref/index.html?flash/syst em/LoaderContext.html&flash/system/class-list.html I think the following excerpts pertains to your question: "When loading images (JPEG, GIF, or PNG) instead of SWF files, there is no need to specify a SecurityDomain or an application domain, because those concepts are meaningful only for SWF files. Instead, you have only one decision to make: do you need programmatic access to the pixels of the loaded image? If so, see the checkPolicyFile property." >From the checkPolicyFile documentation: "Set this flag to true when you are loading an image (JPEG, GIF, or PNG) from outside the calling SWF file's own domain, and you expect to need access to the content of that image from ActionScript. Examples of accessing image content include referencing the Loader.content property to obtain a Bitmap object, and calling the BitmapData.draw() method to obtain a copy of the loaded image's pixels" Hope that helps! -tom -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Neave Sent: Friday, July 21, 2006 9:06 AM To: Flashcoders Subject: [Flashcoders] AS3, BitmapData and domain security Hi group, I've only just discovered that in Flash 8 you can't .draw() a loaded image into a BitmapData object if the image was loaded from another domain. I've search about and found you can .draw() a SWF which uses System.security.allowDomain but there's no way to .draw() an image JPG, GIF, PNG etc when loaded across domains. This is very annoying, but apparently "...this will be fixed in FP9; you will be able to use policy files to permit such things." said Deneb Meketa: http://www.kaourantin.net/2005/12/dynamically-loading-bitmaps-with.html Can someone explain how to use the policy file to permit .draw()ing cross-domain in AS3/FP9? Thanks buckets, Paul. _______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com _______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
_______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
