Projector sandbox can be set to "local" or "network", but not both.
Paul Andrews wrote:
Looking at the flash player security model, a projector has a local
security sandbox while a browser launched swf has a security sandbox
that includes it's own domain, so this would explain why your
projector would be restricted.
Paul
----- Original Message ----- From: "Paul Andrews" <[email protected]>
To: "Flash Coders List" <[email protected]>
Sent: Thursday, April 02, 2009 10:36 AM
Subject: Re: [Flashcoders] Proof of Concept - HTTPServiceobjectdoesn't
require crossdomain-policy file
Is this a projector or an AIR application?
Seems to me that if you say "network only" to an executable, it's
like running it in a browser with no "default" domain, whereas an AIR
application isn't restricted.
Paul
----- Original Message ----- From: "Glen Pike"
<[email protected]>
To: "Flash Coders List" <[email protected]>
Sent: Thursday, April 02, 2009 10:26 AM
Subject: Re: [Flashcoders] Proof of Concept - HTTPService
objectdoesn't require crossdomain-policy file
If that is the case then why is my standalone Flash exe restricted
when I set it to allow network access only?
Paul Andrews wrote:
Isn't the context for an AIR application different to a flash
application loaded from a browser?
In the browser the flash swf is loaded from a particular domain and
access outside that domain requires the crossdomain policy.
In an Air application there is no concept of the domain that the
swf is loaded from - it's essentially a desktop application.
Flash in Air and Flash in the browser have different security models.
Paul
----- Original Message ----- From: "Johan Nyberg"
<[email protected]>
To: <[email protected]>
Sent: Thursday, April 02, 2009 9:29 AM
Subject: [Flashcoders] Proof of Concept - HTTPService object
doesn't require crossdomain-policy file
Hi, thanks for all the response to my question about the
crossdomain.xml. But... I didn't get a lot of response to the fact
that HTTPService can access public feeds/content on other sites
without the need of a crossdomain.xml
Please check out the code included at the end of this post. I've
created a small AIR application (with a certificate) and it works
without a problem.
Am I missing something?
But again.. if my Flash app isn't allowed to access content on
another site, I can always throw together a simple php-script that
extracts the content for me that my Flash then can read...
And then I can go ahead and create my evil banner ad. ;-)
I understand that crossdomain policy files are here to stay. I
just don't understand why they don't allow me to access content on
other domains that I can access in other ways and then pass on to
Flash.
--
Johan Nyberg
Web Guide Partner
Engelbrektsplan 1
114 34 Stockholm
08 - 50 00 24 30
070 - 407 83 00
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
