Path problem in my web project
A Flash Developer Resource Site

Results 1 to 6 of 6

Thread: Path problem in my web project

  1. #1
    Member
    Join Date
    Aug 2014
    Posts
    45

    Path problem in my web project

    Hi all,

    First off my project is working fine as is and this issue is arising only because I wish to shift my swf and HTML / (php ) file generated by the program to a directory outside the root directory so that they may not be directly accessible.

    For the settings which work just great, my directory structure specified in the published files is as follows:

    For SWF files : D:/xampp/htdocs/xampp/projectout/movie/test.swf
    For HTML files : D:/xampp/htdocs/xampp/projectout/php/test.html

    projectout is the public folder of my project. So with this settings all is good. (there is something which is puzzling and that is that when I run my project in flash to compile it - it won't run in that environment of-course -it gives an error which is "Error opening URL 'file:///D|/xampp/htdocs/xampp/projectout/movie/php/test.php' ". I do not understand how this path is generated. A comparison with the published settings shows something is amiss.)

    But this is in fact correct when it comes to the web project, because that works fine. In fact if i try and rectify this path and change it to anything else, my project does not work. So that was a puzzle.

    Back to the actual issue, I want my swf and html files to be in another folder. The heirarchy of my directory path is below:

    Public folder -projectout
    |
    --php
    -- movie
    Private folder -projectinn
    |
    --php
    -- movie

    My published files are therefore now as follows:

    For SWF files : D:/xampp/htdocs/xampp/Projectinn/movie/test.swf
    For HTML files : D:/xampp/htdocs/xampp/Projectinn/php/test.html

    test.html generates the movie object which is as below:-

    HTML Code:
    		object classid="clsid:d27cdd6p-...
    		...
                    ...
    		param name="movie" value="../movie/Gig.swf" 
                    ...
                    ...
    	        embed src="../movie/Gig.swf" ...
    As can be seen
    HTML Code:
    		param name="movie" value="../movie/Gig.swf"
    and
    HTML Code:
      embed src="../movie/Gig.swf"
    the object searches for the swf (using a relative path from the php folder in projectinn) at the embedded path but fails since the HTML is itself embedded in index.php in the projectout folder. So I changed the embedded path to <../projectinn/movie/test.swf ...>. This caused the movie to be detected but freeze at the first frame. It does not go any further. I have no idea what to do to make this movie run now.

    I hope I have been able to explain the issue simply and accurately enough for someone (- some gurus!! -) to try and help me with this and suggest a way out of this.

    Thanks all & kind regards !

  2. #2
    Member
    Join Date
    Aug 2014
    Posts
    45
    Hi to all !

    Guys I feel maybe I have been over zealous in describing this problem and so complicated it in the process. So i'll take it one at a time and try and describe it once again.

    The main issue is that I wish to remove the swf file from the public folder of the web server and put it into another place outside the root so that the swf file is not directly accessible to anyone.

    The first question then is that is that a right approach or the swf files cannot be / should not be placed anywhere else.

    Next My website's public folder is organised like this :

    Public folder - projectout
    |
    --php
    -- movie

    The swf by default is placed at projectout/movie/Gig.swf and this movie is accessed through code HTML embedded in index.php lying inside projectout

    I want to shift the movie from its current folder to the following folder

    Private folder -projectinn
    |
    --php
    -- movie/Gig.swf

    to outside the root.

    When I do this, while the movie is detected - displays frame1 - but does not proceed further and freezes on that frame.

    Please help guys.

  3. #3
    Tim (Super Moderator) Northcode's Avatar
    Join Date
    Dec 2000
    Location
    Whitehorse YT
    Posts
    3,746
    The main issue is that I wish to remove the swf file from the public folder of the web server and put it into another place outside the root so that the swf file is not directly accessible to anyone.
    If the SWF isn't visible to client using the web server then the Flash player (which runs on the client) won't be able to "see" it so it won't be able to play it. You can move the SWF file around but anyone who can play it (using the Flash player) can find out where it is (web developer console, Charles, etc) and request the file directly.
    When your swf2exe tool just HAS to work
    there's only one choice... SWF Studio

  4. #4
    Member
    Join Date
    Aug 2014
    Posts
    45
    Hi Northcode,

    First off thanks loads for the reply. I have been waiting for a reply for long for this and I am glad you replied.

    The swf is to run inside the index.php which is in the public folder. The code for running the swf is embedded into the index.php with a path to the swf for it to be loaded. So won't that make the movie indirectly available to the flash player?

    Is it the norm to keep the swf's on a website in the public folders? Won't that be a security concern ? I know swf's can be spoofed off the flash player but preventing direct access to the swf would be at least some sort of a deterrent to the ordinary user? Any other method by which we can secure the swf's?

    Thanks loads.

  5. #5
    Tim (Super Moderator) Northcode's Avatar
    Join Date
    Dec 2000
    Location
    Whitehorse YT
    Posts
    3,746
    AFAIK, the SWF has to be directly accessible to the Flash player. You have to get the bytes from the server the Flash player (which runs on the client) and the only way to do that is to expose the SWF via a publicly accessible resource. If you have a SWF running in the Flash player and it does a loadBytes through a PHP script that serves up the bytes, that will work but it's effectively the same thing. The first SWF is accessible and can be decompiled to show where the second SWF is being loaded from and the attacker (or curious onlooker) can get the SWF the same way.
    When your swf2exe tool just HAS to work
    there's only one choice... SWF Studio

  6. #6
    Member
    Join Date
    Aug 2014
    Posts
    45
    Hi Northcode !

    Thanks for the reply and sorry for the delay in my response. I get the idea. So the swf has to be kept in a public folder. I guess nothing much can be done about that !

    Thanks loads for taking time to explain that.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center

Poll by Flashkit.com