BitmapData.draw problem due to security

Similar Messages

• BitmapData.draw Security Sandbox and LocalTrusted not working?

  Hello there, wondering if anyone else is having the same
  problem -- I have a LocalTrusted security sandboxType -- and when i
  try to access a BitmapData.draw method on a progressive flv, i get
  the error message:
  SecurityError: Error #2135: Security sandbox violation:
  BitmapData.draw: file://file.swf may not access null. RTMP content
  cannot be accessed using this API.
  I've rechecked my sandbox type a zillion times, as well as
  tried putting allow="*" in the crossdomain policy file ....
  is this an error in my security settings -- or is
  bitmapdata.draw on video objects now "gone"?

  Could you try this - Open and swf, rightClick - Goto
  settings, then click Advanced. On the webPage click on "Global
  Security settings panel".
  If you don't find your local directory in there, add it and
  see if things work?
  If not, it would be good if you could post the chunk of code
  which is creating problems.

• BitmapData.draw() and Security

  I am dynamically creating screen captures from flv files
  located in separate sub domains through the Bitmap Data Draw
  method. The problem is the illusion that flash calls security.
  "When you call the BitmapData.draw() method with progressive
  video as the source parameter, the caller of BitmapData.draw() must
  either be from the same sandbox as the FLV file, or the server of
  the FLV file must have a policy file that grants permission to the
  domain of the calling SWF file. You can request that the policy
  file be downloaded by setting the checkPolicyFile property of the
  NetStream object to true."
  Here is my first question. This seems to only apply to
  "progressive video". Is this yet another attempt to make us buy
  stream servers?
  And now my second question.
  Why is it that an end user can tap the flv files and draw
  freely as long as the embed object code references a cached version
  of the swf file but the remote swf file hosted on a separate sub
  domain in the same network needs to download a copy of the "policy
  file"?

  Could you try this - Open and swf, rightClick - Goto
  settings, then click Advanced. On the webPage click on "Global
  Security settings panel".
  If you don't find your local directory in there, add it and
  see if things work?
  If not, it would be good if you could post the chunk of code
  which is creating problems.

• Security issue with NetStream.appendBytes() and BitmapData.draw()

  Iuse appendBytes to continuously and seamlessly stream video data into a netStream. since we're NOT playing the video files directly from a web domain, there is no meaning to the checkPolicyFile property of our netStream object and therefore - we cannot BitmapData.draw() our Video instance with the netStream attached.
  Is there any possibility to get images from the netStream in order to manipulate them on-the-fly?

  I ran into the same problem.  Have you managed to find a solution to get around the security violation?

• Security sandbox violation: BitmapData.draw

  Hello,
  I got this error:
  SecurityError: Error #2122: Security sandbox violation: BitmapData.draw: A policy file is required, but the checkPolicyFile flag was not set when this media was loaded. 
  when I try to draw a frame of a movie that is downloading from another server. Crossdomain.xml is set. Another Jpgs are correctly drawn but only a movie causes an error.
  I need to checkPolicyFile but where should I do this? I have no direct access  to Loader to set up LoaderContext(true) ...
  Thanks,
  Michal

  I too would love to know how we can pass in our own LoaderContext to set the security domain. I'm receiving the same error after snapshotting a loaded SWFElement bug/watermark.
  e.g.
  var bug:MediaElement = new SWFElement(new URLResource(url));
  var bugTrait:LoadTrait = bug.getTrait(MediaTraitType.LOAD) as LoadTrait;
  bugTrait.load();

• BitmapData.draw Security error

  I am drawing to bitmap from MediaContainer:
  var mediaContainer:MediaContainer = new MediaContainer();
  bitmapData.draw(mediaContainer);
  This works, but when I switch video, an error occurs:
  SecurityError: Error #2123: Security sandbox violation: BitmapData.draw
  cannot access unknown URL. No policy files granted access.
  Any ideas?

  Here you go:
  http://flashboard.info/files/DrawTest.fxp
  It has both HTTP and RTMP ways.
  I've tried launching from http:// and file:// - both work fine for me.
  Links inside app are to our production servers.
  Regards!

• There is a problem with this connection's security certificate The remote computer cannot be authenticated due to problems with its security certificate. Security certificate problems might indicate an attempt to fool you or intercept any data you send

  Hi,
  I have this Windows 2008 R2 on which I installed remoteapp some years ago.
  Now the certificate expired and I get the message
  "There is a problem with this connection's security certificate
  The remote computer cannot be authenticated due to problems with its security certificate.
  Security certificate problems might indicate an attempt to fool you or intercept any data you send to the remote computer."
  How should I renew the certificate? I already went to certification store and tried to renew certificate with same key but then it says "the request contains nor certificate template information".
  Please advise.
  J.
  J.
  Jan Hoedt

  Does the computer account have Enroll permission to the certificate template?
  From the Server running your CA, run mmc, click File then Add/Remove Snap-in...
  Add Certificate Templates and click OK.
  Find the certificate template, then right click and select properties.  On my CA its call ed RemoteDesktopComputers but might be called something different depending on what what template your certificate is based on.
  On the security tab, click Oblect types, check Computers then OK. Enter the Computername and click OK.  Then give your computer account Enroll permisssion.
  HTH,
  JB

• Security Sandbox violation bitmapData.draw() cant access null

  very strange.  I am testing with two different HD streams.  One an akamai stream and another one of our clients not on akamai and using an F4M manifest file.  I have tried allowing the domain and they have a crossdomain.xml file on their side but i still get this error.  
  SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://web.mobilerider.com/flash/osmflive/OSMF_Live.swf?mediaID=190&vendorID=513&extras=vs :1,skin:osmf_live,muteOn:0,autoplay:1,live:1,showArchive:1,&serviceID=2&jsID=1316213568052 cannot access null. No policy files granted access.
  any help would be very appreciated, thanks

  Hello!
  This seems to be relevant:
  http://forums.adobe.com/message/3759490#3759490

• BitmapData.draw() SecurityError: Security sandbox violation

  i am loading and playing a local video file with appendBytes() and when i call a bitmapData.draw() function
  below exception comes up.
  SecurityError: Error #2123: Security sandbox violation: BitmapData.draw
  cannot access null. No policy files granted access.
  what should i do???....

  Sir i already mention in my last message i test it with both relative and absolute.
  Yes i khow relative paths works fine when i do some thing like this
  <mx:VideoDisplay x="0" y="0" width="516" height="379" source="../user_data/uploads/cd73502828457d15655bbd7a63fb0bc8/v/1345023450-Action_.flv"/>
  bitmap.draw works fine in above case but my scenario is different i am loading a complete video as bytearray before playing and play video from that bytes
  private function fileLoaderComplete(event:Event):void
       //Pass the loaded bytes to player
         player.AddVideo(urlLoader.data);
  //This is Add video Function in Player.mxml
  public function AddVideo(VideobyteArray:ByteArray):void
                  if(ns == null)
                      var nc:NetConnection = new NetConnection();
                      nc.connect(null);
                      ns = new NetStream(nc);
                     // ns.checkPolicyFile = true;
                      ns.soundTransform = new SoundTransform(0.0);
                      ns.client = this;
                      ns.addEventListener(NetStatusEvent.NET_STATUS, nsStatus);
                  videoData = VideobyteArray;
                  GetTags(videoData);
                  ns.play(null);
                  ns.appendBytesAction(NetStreamAppendBytesAction.RESET_BEGIN);
                  ns.appendBytes(VideobyteArray);
                  video.attachNetStream(ns);
                  playBar.TogglePlay(true);
  i think its a bug in flash sdk 4.6 (Flash Player 11)
  bitmap.draw function somehow conflicts with the appendBytesAction or appendBytes
  this question is posted  on ActionScript 3.0 forum before
  http://forums.adobe.com/message/4650890#4650890
  http://flash.bigresource.com/flash-use-BitmapData-draw-with-NetStream-appendBytes--iTNz6LV JM.html
  http://stackoverflow.com/questions/5607047/how-can-i-use-bitmapdata-draw-with-netstream-ap pendbytes

• SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: cannot access

  When we try to print the Google Map API for Flash component, it is throwing the Security Sandbox Violation
        SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://ps6143:8080/aa/XYZ/Main.swf/[[DYNAMIC]]/1 cannot access  http://mt1.google.com/vt/lyrs=m@171000000&hl=en&src=api&x=1&y=1&z=1&s=Gali&flc=x3t. No policy files granted access.
  at flash.display::BitmapData/draw()
  To avoid this error we tried to use the alternate API provided by library. But that also causing cross domain issue as it loading some 3d library internally which is not able to access our application.
  SecurityError: Error #2121: Security sandbox violation: BitmapData.draw: http://maps.googleapis.com/mapfiles/lib/map_1_20_10_3d.swf cannot access http://ps6143.persistent.co.in:8080/dv/SiteOptimizer/SiteOptimizer.swf/%5b%5bDYNAMIC%5d%5d /1http://ps6143:8080/aa/XYZ/Main.swf/[[DYNAMIC]]/1. This may be worked around by calling Security.allowDomain.
  at flash.display::BitmapData/draw()
  Please help us in resolving this issue.
  Thanks & Regrds,
  Ravi Darji

  There is no redirect... Charles is a web proxy so it will look completely legitimate to the browser.
  According to the help, it's getting the access request from the SWF itself and not the crossdomain.xml file:
  In the case of a source object other than a loaded bitmap, the source object and (in the case of a Sprite or MovieClip object) all of its child objects must come from the same domain as the object calling the draw() method, or they must be in a SWF file that is accessible to the caller by having called the Security.allowDomain()method.
  http://help.adobe.com/en_US/ActionScript/3.0_ProgrammingAS3/WS5b3ccc516d4fbf351e63e3d118a9 b90204-7d1b.html#WS5b3ccc516d4fbf351e63e3d118a9b90204-7c4a
  So the default state accessing a SWF on a different domain is protected, unless that SWF allows some or all domains to access it via the Security.allowDomain() method.

• Security sandbox violation: BitmapData.draw on CloudFront/S3.

  I'm using Cloudfront/AS3 to stream some video in RTMP.
  When I try to do a Bitmap.draw, I get this error:
  [Fault] exception, information=SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: [my_url] cannot access unknown URL. No policy files granted access.
  Since there is no Application.xml, I can't change the <VideoSampleAccess />.
  My crossdomain.xml is available.
  <cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/> 
  <allow-access-from domain="*"/>
  <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
           </cross-domain-policy>
  My bucket policy is:
    "Version": "2008-10-17",
    "Statement": [
        "Sid": "AddPerm",
        "Effect": "Allow",
        "Principal": {
          "AWS": "*"
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::[my url]/*",
        "Condition": {}
  And this is my CORS configuration:
  <CORSConfiguration>
      <CORSRule>
          <AllowedOrigin>*</AllowedOrigin>
          <AllowedMethod>GET</AllowedMethod>
          <MaxAgeSeconds>3000</MaxAgeSeconds>
          <AllowedHeader>Authorization</AllowedHeader>
      </CORSRule>
  </CORSConfiguration>
  Not sure what I must change to give myself access.
  Thanks
  Martin

  If you don't have access to the server - you will not be able to accomplish BitmapData.draw() on the video or any of its parents. The policy error refers to streaming server side policy. If you look into RTMP traffic - you will see at what point security request goes.
  I don't know what range of services Amazon cloud offers but I could imagine that, since they do offer pretty granular access to application instances, at some level it is possible to gain access to the server or engage their support to help you. I may be wrong though.

• Using your own AMS, how can you use BitmapData.draw() on an RTMP stream with no security exception?

  We have an Adobe AIR app written in AS3 that can view live video streams from other parties.  That being said, when trying to call BitmapData.draw() on one of those remote video streams (technically we're calling ImageSnapshot.captureImage()), we're getting a 2123 error - a security sandbox exception.  I've seen a lot of people refer to a real simple configuration in the AMS that will allow this to work for RTMP streams, but they keep posting broken links, links to posts that only vaguely mention this configuration, etc.  The one thing I did find is something that I'm having trouble applying:
  http://help.adobe.com/en_US/FlashMediaServer/3.5_SS_ASD/WS5b3ccc516d4fbf351e63e3d11a11afc9 5e-7ec3.html#WS5b3ccc516d4fbf351e63e3d11a11afc95e-7fcb
  Please don't just give me another link, unless it's to a quick, clear explanation.  How do you configure the AMS to allow people to capture screenshots from RTMP video streams?  For the above article, I've tried setting videoStreamAccess and audioStreamAccess both to "/", and even it didn't work.  We also need to be able to do this for P2P RTMFP streams, but that's really a different question.  Thanks.

  You will get a better luck if you post this question on media server forum:
  http://forums.adobe.com/community/adobe_media_server?view=discussions

• Getting Security Error when trying to use bitmapdata.draw method on youtube videos

  Hi All ,
  I am playing youtube videos in UIComponet of flex, but when I trying to capture the image using bitmapdata.draw() method it gives me an secutity error on server  , It works well locally in flex editor.
  Is any one knows how to resolve this bug??
  Thanks in advance
  sujit Rai

  Try nesting the clips and then adding the warp stabiliser to the nest.

• LOCAL_WITH_NETWORK sandbox and SecurityError: Error #2121: BitmapData.draw

  We have an application we run in a localWithNetwork security sandbox.  This application loads many assets from an off-site web server.  In spite of a very permissive crossdomain.xml, swfs downloaded from site give a 2121 error when we convert them to bitmaps at runtime.
    <?xml version="1.0" ?>
    <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
    <cross-domain-policy>
      <allow-access-from domain="*" />
      <site-control permitted-cross-domain-policies="all"/>
    </cross-domain-policy>
  Now, I understand why this restriction with BitmapData.Draw exists in general, and from what I've read in other discussion threads the general solution is to allow less restrictive access via crossdomain.xml.  This is the most permissive I know how to make it, although the documentation on the subject is not the most concise.  Are there details I'm missing here?
  For the moment we're just running this as LOCAL_TRUSTED, but this requires folks to be setup with the debug plugin which is a maintenance problem.
  Thanks in advance for any guidance.
  jv

  Crossdomain isn’t used in localWithNetwork because there is no “domain” for the request.
  I didn’t think you needed a debug plugin for LOCAL_TRUSTED, I thought any trust file would work.  Did you try creating an AIR app instead?  It might have different security rules.

• !!Still unresolved error #2123: BitmapData.draw(), videosampleaccess, No policy files granted access

  Hello,
  I have looked all over the forums, google etc. and not found any reliable and working solution to be able to retrieve the stream bitmapdata from RTMP  or HTTPDynamicStreaming source. Please find the details below.
  I have tried everything:
  NetStream.checkPolicyFile = true
  Security.loadPolicyFile(...);
  /applications/live/main.asc has the code below:
  application.onConnect = function( client )
      client.videoSampleAccess = "/";
      this.acceptConnection(client) ;
  The Application.xml has the tag:
  <Client>
       <access>
            <VideoSampleAccess enabled="true">/</VideoSampleAccess>
       </access>
  </Client>
  But constantly, I receive this error ( both on FMS3.5 and FMS4.0 RTMP & HttpLiveDynamicStreaming):
  securityerror:Error #2123: Security sandbox violation: BitmapData.draw: http://localhost/xxyy.swf cannot access rtmpt://localhost:1935/live. No policy files granted access.
  The problem persists wherever the player.swf is placed.
  Since I'm using OSMF the video display object had to be retrieved in the way like this:
  var mediaDisplayObjectTrait:DisplayObjectTrait;
  mediaDisplayObjectTrait = media.getTrait(MediaTraitType.DISPLAY_OBJECT) as DisplayObjectTrait;
  v = new Video(mediaDisplayObjectTrait.mediaWidth,mediaDisplayObjectTrait.mediaHeight);
  loadable.netStream.checkPolicyFile = true;
  v.attachNetStream(loadable.netStream);
  The new Video part is a must because when using ( the only working http - vod setup ) the BitmapData of the DisplayObject defaults to 320x240 even though the mediaWidth and mediaHeight properties are set fine and the video itself has much higher resolution. I must note at this point its far weird and worths another post.
  Seems like the player simply doesn't know anything about where and how to obtain any kind of policy information from the stream.
  I think this issue must be resolved once and for all, it's simply not acceptable to have this poor documentation floating around an essential feature without any professional help involved.

  You don't need crossdomain policy files, you need to do the following;
  1)      Edit the Application.xml file in the host folder, within install directory/conf/... , edit the client tag, adding the attribute override=”yes”
  <Client override=”yes”>
  In a default install of Flash Media Server, the Client class is set to prevent overriding values in the application folder. This was why the settings we were trying were not holding.
  We do not need to alter anything else of the conf Application.xml
  2)      Add the client/access nodes to the root Application.xml within the content folder  ( we have already done this as far as I am aware ).
  <Application>
    <Client>
     <Access>
      <VideoSampleAccess enabled="true">/</VideoSampleAccess>
      <AudioSampleAccess enabled="true">/</AudioSampleAccess>
     </Access>
    </Client>
  </Application>
  3)      Restart the Media Server by using the administration console. This will enable the client>access values to be overridden to true.