| System.security.allowDomain( ) Method | Flash 6 |
| sets cross-domain movie permissions |
A list of one or more domains for which access to the movie should be granted.
The security property is a reference to the built-in Security object, which defines a single important method, allowDomain( ). We use allowDomain( ) to grant movies at other domains access to the current movie. Though security limitations have been a part of the Flash Player since version 4, Flash 6 formalizes the concept of the security sandbox. Under the rules of the sandbox, a movie hosted at one domain cannot:
Invoke methods or functions in a movie loaded from another domain
Access data (user-defined variables, user-defined properties, and nested movie clips) in a movie loaded from another domain
Load XML or variables from another domain via the LoadVars class, loadVariables( ), XML.load( ), or XML.sendAndLoad( )
Connect to an XMLSocket server on another domain
By default, the security sandbox is active, and all attempts to perform the above operations are ignored by Flash Player 6. Using allowDomain( ), we can override these restrictions.
The allowDomain( ) method is invoked by the movie that wishes to grant access to a particular domain or domains, specified by domain1, domain2, ...domainn. For example, suppose Graham posts his resume, grayResume.swf, on graydient.com and wants to allow jobBoard.swf, posted on moock.org, to access it. On the first frame of grayResume.swf, he must use allowDomain( ) to grant movies at moock.org access, as follows:
System.security.allowDomain("moock.org");
Once moock.org has been added to grayResume.swf's list of trusted domains, jobBoard.swf (at moock.org) can load grayResume.swf from graydient.com and set its variables, stop its playhead, or otherwise manipulate it without any security limitations. For example:
// Make a container into which to load grayResume.swf
this.createEmptyMovieClip("holder", 1);
// Load grayResume.swf
holder.loadMovie("http://www.graydient.com/grayResume.swf");
// Create a preloader that detects when the movie has loaded
var preloadInterval = setInterval(setText, 1000);
// Function to be called every second. When the movie has loaded,
// the function assigns it some text and stops its playhead.
function setText () {
if (holder._framesloaded > 0 && holder._framesloaded = = holder._totalframes) {
// Stop the loaded movie
holder.stop();
// Assign some text
holder.subtitle_txt.text = "Gray's resume brought to you by moock.org.";
// Stop the load checker
clearInterval(preloadInterval);
}
}
Movies that are hosted at the same domain are not affected by sandbox restrictions. Table 18-21 demonstrates when the security sandbox comes into effect. To check the domain of the current movie, use LocalConnection.domain( ).
|
Domain of movie origin |
Host to connect to |
Permitted? |
Permitted via allowDomain( )? |
|---|---|---|---|
|
www.somewhere.com |
www.somewhere.com |
Yes |
Yes |
|
www.somewhere.com |
other.somewhere.com |
Yes |
Yes |
|
www.somewhere.com |
somewhere.com |
Yes |
Yes |
|
somewhere.com |
www.somewhere.com |
Yes |
Yes |
|
www.somewhere.com |
www.elsewhere.com |
No |
Yes |
For backward compatibility, Flash 4 and Flash 5 movies loaded from different domains into Flash Player 6 can still access each other's data (as was possible in the older versions of the Player). However, a Flash 5 movie cannot access the data in a Flash 6 movie loaded from a different domain, nor vice versa.
The allowDomain( ) method cannot directly override security restrictions on loading XML, loading variables, or communicating over XMLSocket. However, it is possible to load XML or variables from a different domain by using a movie on that domain as a proxy for communications. For example, suppose main.swf at moock.org wants to load a file, newsFeed.xml, from graydient.com. The main.swf file must load a proxy movie, xmlloader.swf, from graydient.com. Then, xmlloader.swf must load the newsFeed.xml file and use allowDomain( ) to grant moock.org access to it. The main.swf movie can then access the loaded data via xmlloader.swf. Unfortunately, at the time of writing, a bug prevents this proxy-movie system from working in the current build of Flash Player 6 (6.0.61.0). Macromedia is aware of the issue and is working to address it.
XML and loaded variable security can also be circumvented with a either a DNS alias or a server-side proxy script that acts as a go-between for Flash and the external site. For more information, see:
A Flash client at one domain can connect to an XMLSocket server on a different domain by using a movie on the server's domain as a proxy for communications (the bug mentioned earlier does not affect XMLSocket communications). For example, suppose a chat socket server is running on moock.org. The owner of graydient.com wants to post a chat movie (chat.swf) at graydient.com that uses moock.org's chat server.
The owner of moock.org must create a proxy movie for graydient.com by following these steps:
Create a movie called socketObject.swf.
On frame 1 of socketObject.swf, add the following code:
// Grant access to graydient.com
System.security.allowDomain("graydient.com");
// Create the XMLSocket object. This must be done here.
sock = new XMLSocket();Post socketObject.swf at moock.org (the socket server's domain).
From chat.swf, the owner of graydient.com must use the socketObject.swf proxy movie to communicate with moock.org's socket server, as follows:
On frame 1 of chat.swf, load socketObject.swf onto level 1 (any level or target will work):
loadMovieNum("http://www.moock.org/socketObject.swf", 1);Once socketObject.swf has loaded, use the _level1.sock object to connect to and communicate with the socket server. For example:
// Create an output text field
this.createTextField("out_txt", 1, 100, 100, 400, 100);
out_txt.border = true;
// Set callback to handle connection
_level1.sock.onConnect = function (success) {
out_txt.text += ("\n Connected: " + success);
}
// Set callback to handle incoming XML
_level1.sock.onXML = function (doc) {
out_txt.text += ("\n XML arrived: " + doc);
}
// Make the connection
_level1.sock.connect("moock.org", 2001);
// Code for a button that sends XML to the socket server
sendMessage_btn.onPress = function () {
_level1.sock.send("<MESSAGE>hello world</MESSAGE>");
}A movie running off the local filesystem in the Flash Standalone Player or browser-based Player (i.e., plugin) is not subject to the security sandbox. It can load XML or variables from any domain, and it can control and access the data of any movie it loads. However, the opposite is not true. For example, if a local movie loads another movie, booklist.swf, from oreilly.com, booklist.swf cannot access or control the local movie unless the local movie includes the following call to allowDomain( ):
System.security.allowDomain("oreilly.com");
The general rule of thumb is, "local can control loaded, but loaded cannot control local."
Note that built-in properties, such as _framesloaded and _x, are not restricted by the sandbox. For example, a movie that loads another movie can change the position of the loaded movie regardless of its domain of origin.
loadMovie( ), loadVariables( ), the LoadVars class, XML.load( ), XML.sendAndLoad( ), the XMLSocket class
