Flash CS3 Documentation 
Flash CS3 Documentation |
|||
| Learning ActionScript 2.0 in Adobe Flash > Understanding Security > About local file security and Flash Player > Publishing files for local deployment | |||
|
|||
|
|||
|
|||
You might send your Flash FLA or SWF files to a user to test or approve and need the application to access the Internet. If your document plays back on a local system but accesses files on the Internet (for example, loading XML or sending variables), your user might need a configuration file for the content to function properly, or you might need to set up the FLA file so the SWF file that you publish can access the network. Alternatively, you can set up a configuration file inside the FlashPlayerTrust directory. For more information on setting up configuration files, see Creating configuration files for Flash development.
Use Flash to create content for local deployment that works with Flash Player local file security. In Flash 8 and later publish settings, you must specify whether local content can access the network or access the local file system, but not both.
You can set permission levels for a FLA file in the Publish Settings dialog box. These permission levels affect the local playback of the FLA file, when it plays locally on a hard disk.
|
NOTE |
|
If you specify network access for a local file, you must also enable permissions in the SWF, HTML, data, and server files that are accessed by the local SWF file. |
Network SWF files SWF files that download from a network (such as an online server) are placed in a separate sandbox that corresponds to their unique website origin domains. Local SWF files that specify they have network access are placed in the local-with-networking sandbox. By default, these files can read data from only the same site from which they originated. Exact-domain matching applies to these files. Network SWF files can access data from other domains if they have the proper permissions. For more information on network SWF files, see Access network only.
Local SWF files SWF files that operate with local file systems or UNC network paths are placed into one of three sandboxes in Flash Player 8 and later. By default, local SWF files are placed in the local-with-file-system sandbox. Local SWF files that are registered as trusted (using a configuration file) are placed in the local-trusted sandbox. For information on the three sandboxes, see Access local files only (default).
For more information on the security sandbox, see Understanding local security sandboxes.
The first two permission levels are set in the Flash authoring environment, and the third is set using the Global Security Settings panel or the FlashAuthor.cfg file. The following example shows what options are available when you publish a file for testing on your local hard disk.
For more information on levels of permission that you can set for your applications, see Access local files only (default), Access network only, and Access file system and network.
To set this permission level, select Publish Settings > Flash, and then select Access Local Files Only from the Local Playback Security pop-up menu. This permission level lets a local SWF file access only the local file system where the SWF file is running. The SWF file can read from known files on the local disk without any restrictions. However, the following restrictions apply to the application accessing the network:
allowScriptAccess is set to always or if allowScriptAccess is not set and the SWF file is Flash Player 7 or earlier.To set this permission level, select Publish Settings > Flash, and then select Access Network Only from the Local Playback Security pop-up menu. Local SWF files with network access can read from a server if the server contains a cross-domain policy file with <allow-access-from-domain= "*">. Local SWF files with network access may cross-script other SWF files if the other SWF files, which are being accessed, contain System.security.allowDomain("*"). A local SWF file with network access can be cross-scripted by network SWF files if the local SWF file contains allowDomain("*"). The SWF file can never read from local files. In some cases, the type of SWF file affects the access. For information, see allowDomain (security.allowDomain method) in the ActionScript 2.0 Language Reference.
The wildcard (*) value indicates that all domains, including local hosts, are allowed access. Be certain you want to provide this broad level of access before using the wildcard argument.
Without any of these permissions, local SWF files with network access can communicate only with other local SWF files that have network access, and they can send data to servers (using XML.send(), for example). In some cases, access is allowed if the HTML file is trusted.
This level is the highest level of permission. A local SWF file that has these permissions is a trusted local SWF file. Trusted local SWF files can read from other local SWF files, interact with any server, and write ActionScript for other SWF files or HTML files that have not explicitly forbidden the file permission (for example, with allowScriptAccess="none"). This level of permission can be granted by the user or Flash developer in the following ways:
A configuration file can be installed with the SWF file, created by a Flash developer, or added by an administrator (for all users or the current user) or any Flash developer (for the current user).
For more information on configuration files and the Global Security Settings panel, see About Flash Player security settings and Specifying trusted files using the Settings Manager and Creating configuration files for Flash development.
Flash CS3
Send me an e-mail when comments are added to this page | Comment Report
Current page: http://livedocs.adobe.com/flash/9.0/main/00001073.html