Maybe I had it backwards.  If use-network is true, then access to local files 
via absolute paths is not allowed and a trust file is required.

 

________________________________

From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Stephen 
Roy J. Tang
Sent: Wednesday, October 17, 2007 12:51 AM
To: [email protected]
Subject: [flexcoders] Re: security sandbox violations

 

Wait, sorry, I'm a bit confused. Let me sum it up:

What I want is:
- my swf should be able to load files with image/swfloader using
relative paths
- my swf should not raise sandbox violations either when running
locally or via HTTP
- I will possibly have a multi-swf topology

From testing, it seems that all I need to do is to compile with
"-use-network=false"? (Well, I didn't test the multi-swf part) Without
this option, I get a sandbox violation when running on a local machine
in an untrusted folder

What's the case where I need to put "?:" in the URL or update the
trust files?

I'm not sure

--- In [email protected], "Alex Harui" <[EMAIL PROTECTED]> wrote:
>
> I suppose you could say that's a bug in Flex. You are either in a
> "remote" sandbox or one of the "local" sandboxes. You're only in
> "remote" when the swf is served via HTTP.
>
> If you're in local, it isn't a matter of what constitutes network
> i/o as much as what is allowed by the sandbox. In
> local-no-network, subfolders are ok, but any absolute path is not,
> even if it maps to a subfolder. The Image/SWFLoader code, however,
> doesn't check sandboxes and always generates absolute paths from
> relative paths. That's because in a multi-swf environment, the player
> always loads urls relative to the first swf loaded and not the swf
> requesting the load so we convert all relative paths to absolute
> (relative to the swf requesting the load) and that's not allowed in
> your configuration.
>
> Your SWF will work in both places regardless of whether use-network
> is true or false. When in "local-with-networking" you could get to
> the network if you wanted to, and other content loaded by you can get
> to the network as well.
>
> I guess almost everyone uses local-with-networking (it is the
> default in Flex) so nobody's bumped into this before. You can file a
> bug if you want, but I don't think we'd fix it as it would just cause
> issues for those using multiple swfs.
>
> So, if you don't have a multi-swf topology, you might be able to
> fake us out by adding a "?:" to the url. Not sure that'll work
> though. It'll probably just be easier to update the trust files.
> There are tech notes on the web as to how to configure them.
> 
> 
> 
> ________________________________
> 
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Stephen Roy J. Tang
> Sent: Tuesday, October 16, 2007 11:16 PM
> To: [email protected]
> Subject: [flexcoders] Re: security sandbox violations
> 
> 
> 
> Also, my original understanding of "-use-network=false" is that the
> SWF would be trusted to access local resources, but not network
> resources. What counts as "network resources" in this case? I
> initially assumed that I would encounter an error if I uploaded the
> SWF and the image to a web server, but it seems that's not the case.
> 
> Ideally, I want my SWF to work both when running on a local machine,
> and also when deployed on a webserver.
> 
> --- In [email protected], "Stephen Roy J. Tang" <roytang.sub@> wrote:
> >
> > In that case, say I have an SWF compiled using FlexBuilder and I move
> > the copy to another folder (or another machine), would it raise the
> > security violation?
> > 
> > --- In [email protected], Mac Martine <martine@> wrote:
> > >
> > > 
> > > When you create a Flex workspace, that workspace path is then added
> > > to the list of directories "trusted" by the Player (in
> > > flexbuilder.cfg). Therefore, on your machine any files that are in
> > > that directory (or a subdirectory of that folder) are trusted. When
> > > your friend is trying to run it, the Player is trying to access an
> > > un-trusted location.
> > > -mac
> > > 
> > > 
> > > On 10/16/07 8:24 PM, "Stephen Roy J. Tang" <roytang.sub@> wrote:
> > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > Hi,
> > > > 
> > > > How exactly does the Flash Player determine when it will throw a
> > > > security sandbox error? I encountered a problem with a case like
> > > > this: I had an Image object loading a file via relative path, i.e.
> > > > <mx:Image source="assets/filename.png" />. The swf works fine on
> > > > my machine.
> > > >
> > > > A coworker checks out the source and compiles it on her own
> > > > machine, and she gets a sandbox violation error. The difference is
> > > > that she's using command line mxmlc to compile, I'm using Flex
> > > > Builder. Neither of us are using the use-network compiler param.
> > > > Of course, I ask her to just set the param and she can then run
> > > > the swf without error. But I'm curious as to why it would behave
> > > > differently in her case and mine.
> > > > 
> > > > Thanks,
> > > > 
> > > > Roy
> > > > 
> > > > 
> > > >
> > >
> >
>
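
The sandbox rules discussed in this thread, as an added example that is not part of the original messages and is not Flash Player or Flex code: a small Python model of which sandbox a SWF lands in and whether a relative-path asset load succeeds, following the correction in the final message (use-network=true blocks local file access unless the location is trusted). The paths, the sample trust-file contents and all function names are constructed for illustration; the sandbox names are the `Security.sandboxType` string values.

```python
from pathlib import PurePosixPath
from urllib.parse import urlparse

# Constructed sample of a trust file such as flexbuilder.cfg:
# one trusted directory per line, '#' lines are comments.
SAMPLE_TRUST_CFG = """\
# workspace registered by the IDE (constructed path)
/home/roy/workspace
"""

def parse_trust_cfg(text):
    """Return the trusted directories listed in a trust file."""
    lines = (line.strip() for line in text.splitlines())
    return [PurePosixPath(l) for l in lines if l and not l.startswith("#")]

def classify_sandbox(swf_url, use_network, trusted_dirs):
    """Model which sandbox the player assigns to the SWF."""
    parsed = urlparse(swf_url)
    if parsed.scheme in ("http", "https"):
        return "remote"                      # served via HTTP
    folder = PurePosixPath(parsed.path).parent
    # A trusted directory covers its subdirectories, compared per path
    # component so /home/roy/workspace2 does not match /home/roy/workspace.
    if any(d == folder or d in folder.parents for d in trusted_dirs):
        return "localTrusted"
    # Otherwise the -use-network compiler flag picks the local sandbox.
    return "localWithNetwork" if use_network else "localWithFile"

def can_load_relative_asset(sandbox):
    """True if <mx:Image source="assets/x.png"/> loads without a violation.

    remote: the asset is fetched over HTTP from the same server.
    localTrusted / localWithFile: local file reads are allowed.
    localWithNetwork: local file reads are blocked.
    """
    return sandbox != "localWithNetwork"

def explain(swf_url, use_network, trust_cfg_text=SAMPLE_TRUST_CFG):
    sandbox = classify_sandbox(swf_url, use_network,
                               parse_trust_cfg(trust_cfg_text))
    return sandbox, can_load_relative_asset(sandbox)

if __name__ == "__main__":
    for url, flag in [
        ("file:///home/roy/workspace/app/bin/app.swf", True),   # IDE build
        ("file:///home/coworker/checkout/bin/app.swf", True),   # mxmlc default
        ("file:///home/coworker/checkout/bin/app.swf", False),  # -use-network=false
        ("http://example.com/app/app.swf", True),               # deployed
    ]:
        print(url, flag, explain(url, flag))
```

This reproduces the original report: the same SWF is `localTrusted` inside the Flex Builder workspace but `localWithNetwork` in an untrusted checkout, where only `-use-network=false` or a trust-file entry lets the relative load through.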

 
