Can MX pull data from outside the domain the swf is on?

**JT122333** · 03-16-2002, 12:43 PM

I know you couldn't do this with Flash 5 before as it was a security issue. Can you do it with MX?

**Subway** · 03-16-2002, 12:50 PM

NO. (Did no test on it, but I'm almost sure)

Fredi

**Naked inc.** · 03-16-2002, 01:50 PM

not tested.

System.security.allowDomain("myOtherServer.com");

**JT122333** · 03-16-2002, 01:53 PM

oh boy, me thinks me needs to get a Flash MX book. Any suggestions?

**JT122333** · 03-16-2002, 01:56 PM

It's so cool you can load jpgs from whereever.

**Subway** · 03-16-2002, 02:52 PM

Originally posted by Naked inc.
not tested.

System.security.allowDomain("myOtherServer.com");

Now - that's a security hole.

Anyone tested it?

Fredi

**FlashHungry** · 03-16-2002, 04:05 PM

If this is true, all the evil minds just started working overtime.

**NETbreed** · 03-16-2002, 05:17 PM

Hiya,

Code:

System.security.allowDomain("myOtherServer.com");

...is used to create a tunnel through which SWFs from different domains can communicate through LocalConnection(). This ActionScript is used on the receiving Movie and will allow movies from the specified domain(s) to communicate with it!

Regards,

Steve

**JT122333** · 03-16-2002, 05:20 PM

ok, so you have to have access to both domains. This is very nice.

**NETbreed** · 03-16-2002, 05:31 PM

The good news is that loadMovie() is no longer under the strict security restrictions. You can happily use loadMovie() to load SWF and JPG files from other domains.

However, I believe that you cannot then use the original movie to modify details of the loaded (child) SWF unless that movie gives express permission using the aforementioned System.security.allowDomain() call.

There's a full whitepaper on the security settings of Flash MX here: http://download.macromedia.com/pub/f...s/security.pdf

Regards,

Steve

**angstrom** · 03-17-2002, 02:30 PM

from the errata on MX manual (@ http://www.macromedia.com/support/fl...errata03.html)

System.security.allowDomain
Availability:

Flash MX

Usage:

System.security.allowDomain(domain1, domain2,....domainN)

Description:

Allows Flash MX movies in the identified domains to access objects and variables in the Flash MX movie that calls the allowDomain command.

Example:

The domains can be formatted in the following ways: domain.com, http://domain.com, or http://IPaddress.

Scenario:

<http://www.macromedia.com/MovieA.swf> loads <http://www.shockwave.com/MovieB.swf>. MovieA.swf contains the command System.security.allowDomain("shockwave.com") . Therefore MovieB.swf will be able to access MovieA.swf's objects and variables.

**FlashHungry** · 03-17-2002, 04:14 PM

woo hoo.

Just got 3 oranges on NetBreeds sig!

Hey, is there a tutorial on how to make spinning reels for a slot machine? I need to do one.

Thanks

**chris.sauber** · 03-17-2002, 04:51 PM

slot machine...does that mean that security critical apps like casino games (ah yeah...slot machine!) are no longer a big problem when created with flash?(security issue)
any practical ideas?

Thread: Can MX pull data from outside the domain the swf is on?

Thread Tools

Display

Posting Permissions