View comments | RSS feed

About custom policy file locations

Flash Player 7 (7.0.19.0) supports a new method called System.security.loadPolicyFile. This method lets you specify a custom location on a server where a cross domain policy file can be found, so it does not need to be in the root directory. Flash Player 7 (7.0.14.0) only searched for policy files in the root location of a server, but it can be inconvenient for a site administrator to place this file in the root directory. For more information on the loadPolicyFile method and XMLSocket connections, see About XMLSocket policy files and System.security.loadPolicyFile in Flash ActionScript Language Reference.

If you use the loadPolicyFile method, a site administrator can place the policy file in any directory, as long as the SWF files that need to use the policy file call loadPolicyFile to tell Flash Player where the policy file is located. However, policy files not placed in the root directory have a limited scope. The policy file only allows access to locations at or below its own level in the server's hierarchy.

The loadPolicyFile method is available only in Flash Player 7 (7.0.19.0) or greater. Authors of SWF files using the loadPolicyFile method must do one of the following:

Otherwise, authors must create SWF files so a failure of a cross-domain loading operation is implemented.

Caution: If your SWF file relies on loadPolicyFile, visitors with Flash Player 6 or earlier or Flash Player 7 (7.0.19.0) or later will not have problems. However, visitors with Flash Player 7 (7.0.14.0) will not have support for loadPolicyFile.

If you want to use a policy file in a custom location on the server, you must call System.security.loadPolicyFile before you make any requests that depend on the policy file, such as the following:

System.security.loadPolicyFile
      ("http://www.foo.com/folder1/folder2/crossdomain.xml");
var my_xml:XML = new XML();
my_xml.load("http://www.foo.com/folder1/folder2/myData.xml");

You can load several policy files with overlapping scopes using loadPolicyFile. For all requests, Flash Player tries to consult all the files whose scope includes the location of the request. If one policy file fails to grant cross domain access, another file is not prevented from granting access to data. If all access attempts fail, Flash Player looks in the default location of the crossdomain.xml file (in the in the root directory). The request fails if no policy file is found in the default location.

Comments


Beaver82 said on Oct 11, 2004 at 6:40 AM :
using flash7.2 it gives me runtime error, also if the class file is ok


**Error** Scene=Scene 1, layer=include, frame=1:Line 3: There is no method with the name 'loadPolicyFile'.
System.security.loadPolicyFile("myxml.xml");

Total ActionScript Errors: 1 Reported Errors: 1
No screen name said on Feb 23, 2005 at 12:25 AM :
I've the same problem. I've found some description sugested using new Flash Player, but I have the least realese 7.0.19. It's still wrong.
No screen name said on Feb 23, 2005 at 2:53 AM :
I use Flash 2004 MX Prof (7.2)

System.security.loadPolicyFile () does not work correctly ("no method error")
System.security["loadPolicyFile"] work fine.
ergica said on Sep 7, 2005 at 4:03 AM :
flash7
Arul Prasad said on Jan 9, 2006 at 8:11 AM :
I dint run into this issue thats being discussed above. However, I came across a blog post which detailed a solution for this problem.
Check out:
http://www.joshbuhler.com/2005/04/25/systemsecurityloadpolicyfile-not-found/

 

RSS feed | Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/flash/mx2004/main_7_2/00001098.html