Flash Local-trusted security

Similar Messages

• Flash Player trust file not working with Embedded browser on linux

  Hi,
  I have an application which embeds a browser based on
  Xulrunner inside it. I have couple of flash swf files I need to
  load in the browser. The swf files talk with a javascript to change
  the page title and also to change the URL when I am browsing
  through the content in the URL. I need the URL change because I
  need to remember where I was in the flash content so that I can go
  directly to that place in the flash file when I open my browser the
  next time.
  To let the swf file do this I created a cfg file and placed
  it into the Flash Player Trust folder( I tried both the local one
  at /home/user/.macromedia/Flash_Player/#Security/FlasPlayerTrust
  and global trust file location at /etc/adobe/FlashPlayerTrust ) ,
  but I didn't get the expected result. I debugged into my app and
  found that the swf never reset the Title of the page( which
  indicates that the javascript was blocked) . It works fine from a
  firefox browser but not from inside my embedded browser. My app
  also works fine on windows and Mac . This is observed only on
  Linux. Can any body think of what else I need to do get my
  javascript embedded in the flash file working?
  Thanks
  jbsp72

  I tried out a few more things since nobody on this forum was
  responding. I tried installing another application which also
  embeds xulrunner browser. So I downloaded Prism which is a simple
  xulrunner based browser. The flash works fine with that and the URL
  gets set appropriately. So is there any setting I need to do to get
  it working. Or could somebody atleast point me to the right place
  to ask this question? :(

• Flash 8 Player security settings Help

  Hi All. Im having some annoying problems with Flash player 8
  (the standalone player not web one).
  I am making a flash portfolio, and am using an XML file to
  import data (such as images and text) into the portfolio at
  runtime.
  Everything works when run in the flash IDE when i run the swf
  (see IDE.gif), but when i run it in local flash standalone player
  (see Player.gif), the images are blocked out (un-masked) - this
  doesnt happen when i view the swf on the web or when i make a
  projector, which makes me think its something to do with flash 8
  player security settings.
  ive already changed the settings, adding the local path of
  the file and the image directories, but still it wont work.
  what other settings do i need to change??
  IDE.gif :
  www.mitchellpage.com.au/temp/IDE.gif
  Player.gif:
  www.mitchellpage.com.au/temp/Player.gif

  AndiMorris wrote:
  > I'm having some trouble with the global security
  settings in Flash Player 8. I
  > have deployed the player successfully using GPO, but now
  have a piece of
  > software (Nelson Thornes) that requires content from
  c:\program files\nelson
  > thornes to be allowed in order to run. Manually enabling
  this using the
  > settings manager works a treat, however it only changes
  it for the current user
  > and I can't find any way of setting it per station so
  that I can package it up
  > and deploy it. I can't expect all of my users to do this
  themselves.
  There is an MMS.cfg file that you can deploy that will allow
  you to
  control this site wide without individual user interaction
  (overriding
  settings manager).
  Start learning here:
  " IT Administration: Configuring Flash Player auto-update
  notification"
  http://www.adobe.com/go/16701594
  Bentley Wolfe
  Senior Support Engineer, Flash/Flash Player
  Adobe

• Partially Trusted Security Policy

  Hi,
  I'm using the ODAC1110510beta.exe in my Windows XP SP2 "development" machine and Windows 2003 SP2 "test deployment" machine.
  I am able to use the Personalization Data Provider in both windows xp and 2003. The sample web app project was using WebPartManager, WebPartZone, CatalogZone, DeclarativeCatalogPart, PageCatalogPart, EditorZone, AppearanceEditorPart, BehaviorEditorPart, LayoutEditorPart, PropertyGridEditorPart.
  Upon checking in the Oracle tables that was created, several rows has been inserted when testing out the sample web app project. (note that there was an error in the installation scripts - something to do with a missing "s" in one of the tables)
  Ok, now that I have established my current setup and situation, my question now is, why is that when I run ASP.NET AJAX Toolkit "Samples" website, I get the following error message:
  Server Error in '/MicrosoftAJAXToolkit' Application.
  Configuration Error
  Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
  Parser Error Message: Type 'Oracle.Web.Management.OracleWebEventProvider' cannot be instantiated under a partially trusted security policy (AllowPartiallyTrustedCallersAttribute is not present on the target assembly).
  Source Error:
  [No relevant source lines]
  Source File: machine.config Line: 160
  Version Information: Microsoft .NET Framework Version:2.0.50727.832; ASP.NET Version:2.0.50727.832
  Things I did to try to resolve this problem is by following the instructions in the following site: http://msdn2.microsoft.com/en-us/library/zdc263t0(VS.80).aspx
  I followed and executed the following steps in:
  "To grant full trust to an assembly or folder on your local computer"
  The location C:\oracle\product\11.1.0\client_1\ASP.NET\bin\2.x\* is now added for FullTrust
  I also followed and executed the following steps in:
  "To grant full trust to an assembly or folder on a network computer or mapped drive"
  The location C:\oracle\product\11.1.0\client_1\ASP.NET\bin\2.x\* is now added for FullTrust
  But still I get the same error message when running the "Samples" AJAX Toolkit website.
  Please help on how to go about this.
  Many Thanks,
  Henry Wu

  I am, 6 months later, getting the same issue. Has something to do with Oracle.web. My intention as of now is to remove Oracle.Web.*
  What did you do?
  Thanks

• When I plug my iPhone 5 into my Macbook air it just repeatedly flashes the trust question whilst vibrating and will not connect. My iPad connect to the macbook fine tho. Any ideas on how to fix this?

  I want to connect my iPhone to my macbook to backup all my photos but it just vibrates constantly and flashes the trust computer question over and over.
  Any help would be great.

  Talked to AppleCare and it's most likely the fact that my MacBook has 3.0 USB ports and my non official charging cable can't support that. So yeah, I'll try a new cable, hopefully that's the fix.

• Need information on "Flash local storage" please

  Does anyone know about "Flash local storage"? Where is it? what sort of data can be stored there? how you see it and delete it?
  Friend wanted me to check out Pandora and reading through their FAQs I found this interesting tidbit.
  Note that Flash Local Storage, which holds your Pandora account and log-in information, is shared globally across all user accounts and browsers on a computer. This means that even if someone visits Pandora.com in another browser... the last account left signed in to Pandora will appear the next time anyone visits Pandora.com on that computer.
  It go me wondering what other data is being stashed into this "storage" without my knowledge.

  No.
  dogs got to it and now there are bite marks on it and the on and off switch was pulled off

• Implementing local user security with ZCM11

  Hi all
  we have been a very traditional NetWare-Company neglecting all local user security (on windows) as we always tried to force the users not to save any data on local drives (but only on our NetWare- or OES-drives). So all of our users work on the local windows Administrator-account without any password.
  With a new IT-Management in place, this has to change. The new management wants to make sure laptops can't be used when stolen.
  So we have the following requirements to implement:
  1) local user account with central policies in place
  2) the local user account has to be single sign on with NDS (only one password to enter for local user account and nds login)
  3) user roaming (user should be able to change physical machine and get the same environment)
  So far, we have used ZCM 11 primarily for software deployment. We are on ZCM 11.2.4.
  I do have an idea how to implement Point 1) and 3), but i am unsure which way to go for the SSO part (Point 2)
  hopefully, someone can point me in the right direction.
  Thanks
  Andrej
  Andrej Dimic
  Karl Bubenhofer AG
  Hirschenstrasse 26
  9200 Gossau
  e-mail: [email protected]
  Tel. +41 71 387 43 87

  Hello Thomas
  yes, DLU is what we needed.
  Thanks for pointing me in the right direction.
  Andrej
  Andrej Dimic
  Karl Bubenhofer AG
  Hirschenstrasse 26
  9200 Gossau
  e-mail: [email protected]
  Tel. +41 71 387 43 87
  >>> thsundel<[email protected]> 18.06.2014 17:06 >>>
  Andrej Dimic;2323232 Wrote:
  > Hi all
  >
  > we have been a very traditional NetWare-Company neglecting all local
  > user security (on windows) as we always tried to force the users not to
  > save any data on local drives (but only on our NetWare- or OES-drives).
  > So all of our users work on the local windows Administrator-account
  > without any password.
  >
  > With a new IT-Management in place, this has to change. The new
  > management wants to make sure laptops can't be used when stolen.
  >
  > So we have the following requirements to implement:
  > 1) local user account with central policies in place
  > 2) the local user account has to be single sign on with NDS (only one
  > password to enter for local user account and nds login)
  > 3) user roaming (user should be able to change physical machine and get
  > the same environment)
  >
  > So far, we have used ZCM 11 primarily for software deployment. We are on
  > ZCM 11.2.4.
  >
  > I do have an idea how to implement Point 1) and 3), but i am unsure
  > which way to go for the SSO part (Point 2)
  >
  > hopefully, someone can point me in the right direction.
  >
  > Thanks
  > Andrej
  >
  > Andrej Dimic
  > Karl Bubenhofer AG
  > Hirschenstrasse 26
  > 9200 Gossau
  > e-mail: [email protected]
  > Tel. +41 71 387 43 87
  I believe the DLU policy is what you are looking for in Point 2). Then
  the user can login to the workstation with the same credentials as they
  have in NDS.
  Thomas
  thsundel
  thsundel's Profile: https://forums.novell.com/member.php?userid=128
  View this thread: https://forums.novell.com/showthread.php?t=477797

• Webserices With WS trust Security

  Hi, I have a scenario where i need to call a webservice with WS Trust security token in PI. I have to use the security toekn and call the service in Three Steps:
  Request/Response1 u2013 This is the initial request for a security token to establish the WS-Trust connection.
  Request/Response2 u2013 This is the actual request for information.
  Request/Response3 u2013 This is the closing communication to let the server know there wonu2019t be another request.
  Can any body please guide me / sugegst me how to call webservices with WS trust security in PI
  Thanks
  -Kulwant

  Hi,
  please read:
  http://help.sap.com/saphelp_nwpi711/helpdata/en/48/aea404ac5a3206e10000000a42189c/content.htm
  about WS Security Conversation.
  Best Regards,
  Erik Hubers

• Local SWFs security messages

  Hi,
  I want to run captivate 5 published SWFs from CD ROM but I get the adobe flash player security warning about ".. a potentially unsafe operation.", when i run the SWF files on their own locally.
  I am guessing that the SWF files are making Javascript calls which is causing the security warnings, as when run locally from the HTML i don't get the same issue. Server2go is not really an option for me. I have unsuccessfully tried chaning the publish settings in captivate as my projects are doing no reporting/tracking and should have no need to speak to Javascript or communicate with the internet.
  Any guidance gratefully recieved.
  I don't understand why the published SWF should be causing the security alert when it does not need to be making any calls.
  Thanks
  Mathew

  The checkbox you can deselect in the Publish dialog to NOT output HTML is there because there are some situations where you might be creating content for a Content Management System (not an LMS) that will only accept single files.  Typically these systems are designed for storing and serving up files like PDF, or DOC, or PPT, or SWF.  They usually want to rename your file with a unique ID when they store it internally, and so they don't cater to collections of web files that need to maintain relative links in order to work (e.g. the HTM/SWF/and JS files in Captivate output).
  If you are publishing content for an LMS, either AICC or SCORM, you will be using HTM/SWF/JS.  The communication with the LMS in the case of SCORM happens via the JS API, not to mention a large number of other support files.  So trying to run the SWF by itself with a SCORM-compliant LMS will get you nowhere.
  I'm interested in your idea that the Captivate SWF might be trying to do something that is triggering the security warnings.  Do you by any chance have Self-paced Learning turned on in TOC settings?  If so, this will cause the SWF to write a Shared Object to the user's local cache.  Perhaps that is what is triggering the warning.  Try starting up a blank project with absolutely no content, and Self-paced Learning turned off.  Does it also trigger this warning for you?
  Can you show us the settings you currently have in your Flash Player Settings Manager in Control Panel for Storage?
  What settings does it show on your Advanced Tab under Trusted Locations

• Chrome local trusting doesn't work?

  I'm trying to do AS3 to javascript communication running locally in Chrome. I've tried multiple designs, examples from the adobe site. On win7 All work fine in IE FF locally once trusted of course. All work fine on internet site including chrome. But in Chrome locally the communication fails. I've set the global setting to trust the file, the directory and have added the .cfg files. From flash get error:
  AS3 SecurityError occurred: Error #2060
  From Javascript get error:
  Object #<HTMLObjectElement> has no method 'myMethod'
  Oddly enough, if you use debugging version of flash player it works. It seems the built in Chrome flash plugin won't allow you trust locally?
  Does anyone have insight or help?
  Thanks.

  You can try a factory reset and reload the configuration but the above step i suggested if it didn't work then next suggestion would to be factory reset and reconfigure manually and then test.
  So yes you can try that first then try what i suggested and if that don't work then it will be next step
  Factory reset and reconfigure manually.. Some times when upgrading it can cause some corrupted files and only way to fix is a factory reset and reconfigure (manually)..
  Jasbryan

• Need advice in flash's global security settings

  Hello guys!
  So, I want to ask you a question regarding Adobe Flash Player's global security settings.
  I have a .swf file on my computer which when I want to load it with mozzilla browser a security panel appears saying it is not trusted. 
  I changed the global security settings and the panel does not appear anymore. 
  But my question is, if I, as a host want to publish that.swf file on the web, with the global security settings changed, other user from different computers who acceses my web page get's the same security warning, do they have to change the global security settings on their own? 
  Or the problem is solved by me, as a host, by changing the global settings and trusting the .swf file only from my computer and so anyone can acces the specified web page without changing the global security settings.
  Thanks!

  let me clarify the issues:
  1)websites/adnetworks are setting flash cookies in user's lso to avoid browser cleaning and to respawn
  tracking cookies.
  where is data that is attempted to be set by these websites/adnetworks but blocked by the global settings?
  where is data that is set but not deleted yet by user?
  where is data set and then deleted by user once they use global settings?
  2) flash cookies set on user side are recorded in adobe global settings. user computer must be static, not static ip address, so the global settings on adobe can allocate flash cookies to each user's computer.
  where is the "static address code" data associating the user's computer to the flash cookies being set?
  3) In regard to issue#1, is any of that data shared with any other company?

• Are Cross Domain Flash Local Shared Objects (LSO aka Flash Cookie) possible

  Hi,
  I found several solutions for creating Flash LSOs from JavaScript (for example: http://www.nuff-respec.com/technology/cross-browser-cookies-with-flash )
  If Page (www.hostA.com/index.html) and the .swf file are from the same site, everything works fine.
  Now I'm trying to load the page form www.hostA.com/index.html, which includes www.hostB.com/flashcookie.swf (different sites). But then I cannot read or store the LSO.
  I have tried several configurations (crossdomain.xml,  Security.allowDomain("...") ), but nothing works.
  Is this kind of cross domain access to a LSO possible?
  Can a flash based advertisement delivered by a 3rd party save a LSO on my disc?
  Thanks
  -stephan

  I 100% agree!  We have an application that the Government requires information to be stored on the users computer as part of Multi-Factor-Authentication.  We originally wrote it as a browser application and when everyone and their brother started deleting browser cookies because of security concerns, we totally re-wrote it as a Flash application to take advantage of permanent storage.  This new "feature" in Flash Player is causing much concern because thousands of users will need to start answering lots of security questions every single time they use the application (ie: daily) and our staff is having to handle technical support questions that shouldn't exist.  Right now it's only IE that's causing the issue, but I'm sure every browser and Internet Security program will soon be adding this to their products.  There should at least be a way for the USER to white-list a specific Domain so Flash could exempt those sites from ANY external program trying to delete ALL Shared Objects/Local Storage/Flash Cookies.  The USER should be given that choice.  This would satisfy the extra privacy you are putting in there and still allow information to be stored from sites that require it.
  John

• Flash + Local Website + SP2 = warning messages

  I am designing a website with flash elements (no manually
  entered action script), to be installed on users laptops.
  I have been told that when XP Service Pack 2 gets installed,
  if we have a local website on a users laptop, and they click on a
  flash element (to play local flash video and audio), the user will
  get a dialog box after each time they click, asking them if they
  are certain they want to proceed.
  Is there any way to circumvent this dialog box? Like any way
  I can design the flash item to avoid the dialog box?

  Does it have anything to do with:
  Microsoft Implementing ActiveX security features in IE.
  here is the fix that everyone is using:
  http://blog.deconcept.com/swfobject/
  Shane

• SSL Error 61: chosen not to trust security certificate; How to bypass?

  I am trying to utilize Citrix XenApp to remotely access my work userid and applications from home. I can login and see my virtual desktop/applications, but when I try to run an application I get SSL Error 61: you have chosen not to trust "Equifax Secure Global eBusiness CA-1" the issuer of the server's security certificate. I have tried to update the certificate (FFx says its valid), add an exception (cannot because certif is valid), uninstall/reinstall application (no good), but still no luck. Have contacted my company's IT and they are baffled as well. Any ideas to bypass or redo a setting that says I do trust this certificate would be welcome.

  Pardon my ignorance, but can you please explain further. I've read over the info from the link provided but it is beyond my technical comprehension. Is the Citrix database on my end, on my company server's end?

• FLASH CMS websites - secured pages

  Hi,
  I’m looking for a way to build FLASH websites, which the user will be able to edit and control its content himself. You know, a CMS website, but then totally build in FLASH. I already started Googling on this a bit and came across these 2 things
  -          www.flashcontentmanager.com
  -          www.flashloaded.com/flashcomponents/fcmspro/
  especially that last one looks interesting, but it does cost a 300 dollars for 1 website, which maybe isn’t that expensive, given it’s apparent completeness and easy to use interface, but I still want to explore other potential possibilities.
  What is needed on the website, is the possibility to add text, pictures , videos and extra pages by the user himself. Also, and maybe this is the most important / difficult, there has to be the possibility to make secured pages where the client can view his pictures without downloading them à the man that’s needs this website is a photographer that wants to offer his albums to the respective client for which he made the pictures, online. 1 client should be able to watch his pictures on 1 secured page of the site, another client should be able to watch his pics on another secured page of the site, without being able to download them... I hope you know what I mean, I’m sure you know what I mean.
  I believe this is possible with FCMSPRO on the flashloaded website (between the keyfeatures list on the website I see: ‘Allows for multiple users with different file upload permissions’ – so I assume that the man will be able to provide costumers a password with which they can watch their pics online, without down- or uploading something themselves?)
  Is there someone that can help me on this? Is there anyone that has had some experience with FCMSPRO, Flashcontentmanager or other CMS systems already? I’m curious if I’m going to get out of this. If it will be worth deepening myself in this, or if it will be best to tell the photographer to find someone else for this job.
  Thanks

  The method i showed above does have a front end and a back end. The code i posted above would be part of the image module in the back end for deleting images.
  1. You don't put images and files in the database, you create an uploader that uploads the files (pictures, whatever) onto the server and then writes an entry into the database telling it where the picture is stored, what the name of the file is, what type it is, whatever you need. Then when your website connects to the database and downloads the info and stuffs it into arrays, it iterates through the photo array and downloads the photos as needed using the URL you stored.
  2. Loading into the database is covered with the above tutorial but i'll post my database retrieval code anyway.
  This connects to a database and stuffs each column of a database into an Array. Then if i wanted to actually download the photos i mentioned by the urls just retrieved i'd use:
  3. Some people put them in seperate swfs at password protected URLs because its more secure but you don't necessarily have to.
  flash CMS isn't well covered, i spent a long time looking for tutorials and i definitely didnt find any that worked well. If you're still working through the basics like AS3 tweens, loaders, and loops, then you're going to want to figure those out first. Those are supported well online, though.
  Finally, here's a good example of some flash CMS: http://group94.com/#/flash94/
  Good luck.
  EDIT: Sorry for retracting my code, the client i did it for wasn't happy.