Flash security settings in javascript

Similar Messages

• Flash security settings not coming up in Firefox 17.0

  Hi I have been successfully running my web project on Firefox browser till now.
  I am using adobe flash 11.5 version in my project and i am using the same for recording audio and video from webcam and the headsets.
  Before today everything was working quite good ,until..
  I updated my firefox browser to version 17.0 and found that my flash security settings just vanished in the thin air.
  I mean my flash used to show security settings(if the settings are set to deny or ask me mode),but after the update of firefox 17.0 ,i am not getting any security settings windows from flash.
  I am manually changing the settings using control panel.I cant ask my users to do this.
  So please look into this and provide a fix as soon as possible.
  Thanks

  can we get a link to see for ourselves? Or paste the HTML
  code up here (specifically that which embeds the flash in the
  page)

• Flash security settings panel

  I am new to FlashPro CS5.  I need to use it with SlideShowPro Director and the associated product 'ThumbGrid'.
  I followed the instructions and settings from SlideShow Pro but nothing happens when I publish.  They say I need to go to the flash security settings panel and add my local folder as a trusted location to execute the files from.
  I cannot find the flash security settings panel.  Can I get a hint on where to find the flash security settings panel. I need to add my local folder as a trusted location to execute the files from
  Has anyone in the forum had experience with SlideShowPro Director or Thumb Grid.

  Its okay continue with the thread, the next thing is about the crossdomain policy, you should also know about that for these kind of issues, let see with the following links:
  http://www.designswan.com/archives/actionscript-30-flashs-security-sandbox.html
  http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/system/Security.h tml?filter_flash=cs5&filter_flashplayer=10.2&filter_air=2.6
  http://kb2.adobe.com/cps/142/tn_14213.html

• You Tube Widget - Flash Security Settings

  Hello,
  I managed to embed sucessfully a You Tube video by using flash factor widget.  It works when published to a web server no problem.  However it looks like anybody else who views it has to adjust their flash security settings.
  Is there away around this issue?
  Help would be greatly appreciated
  Thankyou
  Alison

  Hi all
  One way past this would be to include and install a light web server known as "Server2Go". It's pretty simple to install and it tricks the Flash Player into thinking the content is running from a server.
  Site to obtain Server2Go:
  http://www.server2go-web.de/
  Instructions for using it with Captivate:
  http://forums.adobe.com/message/892584
  Cheers... Rick
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks

• Change Flash Security Settings With No Internet Access?

  Hello
  I have firefox at home with no internet access, is it posible
  to alter my flash installation so it enables access to other
  content. it brings up a settings window but that just goes to a
  dead url.
  I have a a collage disk but it will not run untill I alter
  the settings of flash to allow acess to other site, other location?
  Please help?

  phil ashby wrote:
  > Glad it worked!
  >
  > Urami, I did some fairly extensive tests with this idea
  and it seemed to work
  > each time - although all our corporate machines have the
  same build. Even if
  > the directory didn't exist, if you created it and placed
  the SOL inside, it
  > words. In the end I never actually used it as I
  distributed the app as an exe
  > which doesn't have such draconian security requirements,
  also it obviously
  > overwrites the users original version, if present.
  I agree with you, I tried different SOL editor and it work
  when i tried.
  I believe what I used was more than SOL explorer/reader
  rather then editor
  even tho it has this option is seem the file stop working and
  hence the
  problem I was claiming about the files not work properly.
  Perhaps it was changing something and flash did not like
  these changes.
  Anyhow, I did try another tool and did manage to work.
  Thanks
  > Personally, I think it's a bit of a hole in the whole
  Flash security issue.
  Won't comment on that one :) Something just seem way
  unnecessary and silly...
  Best Regards
  Urami
  !!!!!!! Merry Christmas !!!!!!!
  Happy New Year
  <urami>
  If you want to mail me - DO NOT LAUGH AT MY ADDRESS
  </urami>

• Flash security settings - offline no internet connection

  We have applications that are residing and a closed intranet with no access to the WWW period.
  We are trying to use Xcelsius' WSDL connector to a WSDL residing on the intranet.  This works fine, however when the SWF is opened in IE a default security prompt appears:
  "Adobe Flash Player has stopped a potentially unsafe operation.
  The following application on your.....
  To let this application communicate with the Internet, click Settings..."
  Since these machines have no access to the Internet, they cannot see the Macromedia Flash Website and thus are unable to modify their security settings, and thus the WSDL connection cannot work.
  Does anyone have any resolutions available to allow web based data communications in Flash, without a WWW connection?
  thank you

  Hi Christine,
  You can add a simple local configuration (.txt) file per machine to say which SWF or folder of SWFs is trusted without using the Adobe online Security tool.
  Here is where to put the local configuration file for all users of the machine (note you may need to create the FlashPlayerTrust folder):
  <system>\Macromed\Flash\FlashPlayerTrust
  So that could be:
  c:\WINDOWS\system32\Macromed\Flash\FlashPlayerTrust
  Call the configuration txt file whatever you want (just make sure it has a .txt extension).
  Create the configuration file (Notepad will do), save the file (for example: xcelsius.txt).
  To make any SWF that runs from the C or D drive on the machine trusted add these two lines to the txt file then save it:
  C:\
  D:\
  Run a SWF from the C or D drive and it should now be trusted.
  This information is from this section FlashPlayerTrust configuration files on this Adobe site: http://www.adobe.com/devnet/flash/articles/fplayer8_security_04.html
  Regards,
  Matt

• Change Flash Security Settings? Security Manager Offline?

  Hello
  I have downloaded firefox and flash player, I have content
  which when I run it, flash blocks it wisely and reports that the
  page is trying to access other content etc.
  I need to allow the accessing to other content but I dont
  have internet at home, I understand I need the global manager
  security settings panel which of course shows fine on this intenet
  conencted machine but at home it just brings up a dead URL because
  of no tcp/adsl etc.
  I am sure this is a standard question answered millions of
  times before Im sorry to bother you guys, Have a great year every
  one and good luck Adobe.

  The reason you can't access it offline is because adobe flash
  player is effectively a trojan. There is absolutely no reason to
  not have local, offline access to adjust settings to a local piece
  of software, even if it is a plug-in. That goes to the heart of it
  right there. The settings are stored locally, so what the hell is
  the GSM doing? Well, it's doing what it specifically says it is not
  going to do (on the GSM page) and modifies personal data on your
  system. These settings may be benign but the method employed is
  typical virus behavior. Adobe has never given a reason because they
  know they have a front door into everyone's machine that made the
  mistake of installing the flash player plug-in. Even microsoft had
  a big deal about it because they put it in the WinXP install and
  sure enough, flash player had a huge security hole. They knew it
  and did nothing. Adobe knew it and didn't care.
  You might look for a hack that modifies the settings locally
  rather than relying on a known virus-type of access that adobe
  clearly wants to your system.
  Adobe should be set on fire for this kind of behavior.
  btw:
  check out this file: (it'll be on your local machine)
  \documents and settings\(your username)\application
  data\macromedia\flash
  player\macromedia.com\support\flashplayer\sys\
  and the file is
  settings.sol (it's a binary file)
  SWF should never be allowed to modify anything, it's supposed
  to play animations, yet adobe's ocx (the plug-in) seems to do just
  that without any notification or warning that it's going to do
  something to your local system. Again, this is classic virus
  behavior; performing some unwanted/unwarranted task(s) without
  notice. I've play with the flash maker before, I remember you could
  do some things with clickable links. But nowhere do I recall it
  giving the ability to modify someones local files, that was just
  too much freedom.
  adobe needs to either fix this or drop flash player. I know
  it's fairly prevalent on the web, but with security risks like
  these that adobe doesn't want to fix it's just dynamite. Better
  yet, how about make our flash swf files able to access adobes'
  internal network? Sounds fair to me.
  You'll also probably see a bunch (or just a few or even none)
  of directories that start with # in the ...\sys directory. Under
  which each one may have another settings.sol file. If you do a
  little research on the web you can find a ton of people who've had
  security holes opened because of entries in these files. adobe may
  want to deny it but you can read about it all over the place. adobe
  flash player has even been at issue with rootkits (look them up,
  quite nasty) and the problems that go with them. So yeah, adobe
  reached a new low the first time I saw that.
  It's crap software like this that gets unleashed on the
  unsuspecting public and techs like myself have to clean it up.
  Furthermore, we have to try and find alternatives to what has
  become too well-established. Flash became popular before people
  really paid any attention to what adobe was actually doing on their
  systems. That's why everytime I have to uncorrupt a system I go
  looking for things like the flash player plugin. Some days it's so
  bad I'd like to see a plane hit the adobe hq, that'd be some
  justice.
  If only companies like adobe would release trustworthy
  software, yeah, I'm still looking for the pigs with wings.
  And yet still more bs: while almost every piece of software
  I've ever installed goes into it's own directory or under
  ..\program files\... look where adobe puts itself. Deep inside
  ...\Windows\...
  Here's where I found mine
  C:\WINDOWS\system32\Macromed\
  with several different directories under there. Like a damn
  tick it burrowed itself into the main windows directory. Which is
  also typical of a virus.

• Flash Security Settings and Random Questions not Displaying

  Hey folks,
  I created a Captivate 4 project with 3 slides and a question pool of about 70 questions in which I am randomly pulling in. I am using IE7 and Flash 10. Publishing in Flash 10. If I publish or view in Preview in a web browser the project launches, plays the first 3 slides, and then goes blank when the first question should appear. Note: previewing the project AND publishing the project as an .exe does launch and display all the questions correctly. It ends up being a flash security issue. I went to the adobe site and via the Adobe Flash Player Security Manager" I entered in the main .SWF captivate-generated file as a trusted file and then re-ran the published captivate project and it ran correctly. Question is ... what do I need to do to set up flash or my project so I don't have to do this for every new project that I deploy? I don't want to have the users have to go in and add whatever I deploy as a trusted file. It's also a little confusing as to why the first three slides played and it stopped at the questions ... seems like if it's not a trusted file, that it wouldn't run at all.
  Thanks for any help!
  Chris

  Hello again
  I think I'd be investigating a temporary web server to host on until things are ready. Here's where it will help.
  By providing files to the end users, if you are copying files over you end up having to explain how to save the files. You then have to walk them through setting the Flash Security so they can properly view. It all just becomes a pain in the kazoo.
  If you can find some server space, you simply upload the content and provide a link for the users to view the content.
  Other than that, if you are insistent that copying is the way to fly, I might suggest you establish a known location where you want everyone to copy their files. Perhaps C:\TestFolder. Then provide some instruction on how to configure the folder with the relaxed Flash Security. From there forward, anything they copy to the folder should need no security adjustment.
  Cheers... Rick
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks

• Manually editting Flash security settings

  I work in a small network that does not have internet access.
  Flash prevents me from running any lessons from the LAN as it wants
  to point to adobe.com (which it cant). is there anyway i can access
  the file, that already resides on my machine, without having to go
  thru adobe.com ?? i found the file (settings.sol) but can't edit it
  using wordpad or notepad. i tried and it didn't work. i can't take
  an existing file and replace this one for a few reasons nor can i
  copy the lesson down to my HD and run it from there. any advice
  here would be great.

  I found your wording to be a bit hard to follow poppabear...
  it wasn't clear why Flash Player wanted to hit adobe.com.
  I think what you're looking for is a way to control Flash
  Player Settings Manager without having to connect to it. Common
  question (which I answered in another post today already). You can
  do that by distributing an MMS.CFG file on your local machines.
  You can learn more about that here:
  http://www.adobe.com/devnet/flashplayer/articles/flash_player_9_security.pdf

• Webservice and Flash Security Settings

  I have a flash file that is making a call to a webservice on
  another domain. When I run the flash file it gives me the message
  where it says it's trying to communicate with this Internet-enabled
  location. I don't want to have the user to have to change their
  settings manually. Is there a way to allow the url of the
  webservice so the user does not have to change their settings?
  Thanks,
  Tony

  You can generally set a cross domain policy for these kinds
  of things, but it gets trickier depending on what webservice you're
  using. I'm having a similar problem with a java servlet.

• Problems with Captivate Redirects, possibly Flash Security and XML

  Hello fellow Captivarians,
  First a little backstory, earlier in the year we developed a course that heavily used external image files, which were gathered and organised through an XML file, then placed into Captivate 4 through a widget. This was all developed in Actionscript 3 and was designed to be accessed locally, on the user's computer from a CD Drive.
  We had a whole deal of issues with Captivate and Flash security issues, finding that we could not get the importing to work correctly in Internet Explorer as it outright refused to import the XML file (Presumably because of security issues). However, Firefox would work fine. Eventually we got it working via a bandaid solution by prepackaging the course with a firefox portable install.
  Now many months later, we have discovered our previous solution still works, but it now outright denies any redirects from HTML page to HTML page, regardless if the content is on the CD or if it's on the harddrive. Buttons that link to external sources will not work, (even if it's just a local page in the same directory).Flash player simply refuses to redirect between HTML pages. We tried some older projects that were developed in AS2 - and this wasn't an issue.
  The odd thing is however, on my computer it still works fine. However, on everyone elses in our office, it will not redirect at all. We are all running the same version of Flash Player, and the same version of Firefox...
  Any ideas? Could it have been a recent update with the Flash Player that prevents this sort of interaction?
  Cheers.

  Hi there
  Have you tried configuring the Flash Security Settings? That's my guess.
  Click here for a tutorial on how to configure
  If this will be on CD-ROM or DVD, you may need to consider adding a light version of a Web Server to the media and launching via that.
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks

• SWF security settings seem to have no effect

  Here is the location to which I publish my Captivate 5 output.
  And here is how my flash security settings are configured. I've included the publishing location in the trusted locations collection.
  After publishing (html output option and swf option chosen) I runthe output in the Flash Player, by directly selecting the output swf, and are rewarded with this message.
  The published swf is self contained and does not call any external resource.
  The behaviour occurs every time the swf is opened, irrespective of the security settings. I've also ported the swf to a second machine, and the same there. I've also put the swf onto CD and run from there, and the same again. I've not tried it on an XP system so these results are only in the context of Windows 7 (32 and 64 bit) systems. Flash Player is version 10.1 and publication output is set to Flash Player 9 or later.
  Is there another security setting somewhere I have to set as the output message is scary to a user and looks unprofessional to our clients. ???
  Henry

  Hi Rick,
  The spelling in the Flash message is the same as the trust setting although it does makes your eyes go wobblytrying  to decode it with all the %20 space codes in place. And of course the trust settings were set through the Flash Manager via the browse option so should have been the same.
  I think we have a problem with SWF output from Captivate 5, rationale as follows:
  1) I create an identical project in Captivate 4 generate a SWF, then taking the SWF produced by Captivate 4, I move it to the folder DB Pre-production and execute it directly, result - no warning message from Flash.
  2) I execute a SWF directly on the C Drive - say one of the pre-loaders from Adobe Captivate Gallery, result - no warning message from Flash.
  3) I execute the offending SWF via a browser (I.E.8 with no trust settings on the DB Pre-production folder), result - no warning message from Flash.
  4) I load a SWF from some other product into the DB Pre-production folder and execute it directly, result - no warning message from Flash.
  5) I copy and paste the file name settings directly from any Captivate 5 SWF produced object to Flash Security Settings manager - to ensure absolute spelling - close the browser, re-boot the system, and execute it directly from DB Pre-production, result - security warning message from Flash.
  I conclude that there is a glitch in the SWF output produced from Captivate 5.
  And maybe this is one of the reasons that Captivate 5 buttons that invoke other segments of learning don't function as expected (I can always get the window NEW feature to work, but PARENT, TOP and CURRENT options seem blocked). Whereas my old Captivate 4 buttons that do the same still work a treat. And all loaded from the same folder, using the same browser, and the same settings.
  And good idea though it is to use an .EXE projector our commercial clients, will not acccept any .exe file from an external source, in particular CD-rom.
  Should I report this as an issue? Or am I just travelling over well-worn ground?
  Best regards,
  Henry

• How to change security settings in Flash Player if internet is unavailable?

  I have a local html page that has an embedded .swf file,
  which is also on my local computer. The .swf file is for local use
  only when there is no Internet service available. The first time I
  open the html page on an internet browser, IE, I got the Flash
  Security prompt window, which asks me to change the security
  settings. The setting change is done online under the url:
  http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04a.ht ml
  If there is no internet connection, how then can one change
  the security settings so that one can access the local swf? Any
  help would be appreciated.
  Eric

  Do I really need to set security for my wireless connection. I searched for available WiFi in my area prior to installing my  network and none were available. Does that matter?
  The network never did function right from the start. My desktop is a Dell Inspiron 510n and is not wireless capable? So when I tried to add my HP mni 1000 it did not let me access the Internet.
  So now I have an unsecured network. Am I vulnerable to attack?
  Which leads me to my real question How do I change the security settings?
  Oh yeah, my home computer crashed due to a program I downloaded, so I do not have access to it. i'm a mess....
  Thanks,for any help
  Phil

• Flash Player Security Settings per your D:/ drive...

  Hi,
  For anyone who read my post earlier in the day, I apologize for the redundancy; this is a new issue for me.
  I've been working on an e-learning product using Flash Builder; it was developed to be web-based, but the client has changed the requirement and now they have requested a stand-alone dvd drive-based deliverable.
  The project consists of a Main.html(launched per autorun.inf), Main.swf(which loads into Main.html no problem from the disk), and multiple .flv files - so Main.swf loads into Main.html from D:\ , but none of the .flv's will load. However, once I trust D:\ per going to the [Flash Player Settings Manager>Trusted Location Settings>add my D:\ drive to the Trusted File or Folder Location], everything runs well.
  My questions are:
  Why is that an issue?
  Is there a way around it?
  What am I doing wrong?
  Since everything is fully contained and running locally from the  D:\ drive, why does the Flash Player need me to trust that device in order to run the content? I t seems completely counter-intuitive which leaves me boggled.
  When I build a release, everything works perfectly locally(without trusting the C:\ drive(obviously)), once I burn the files to disk the external content won't load until trusting D, and what's even MORE, when I copy the content "burned to disk" locally, it won't play either until I trust the C:\ drive!!
  Little help, please? I know I'm doing something wrong, but I can't find anything online.
  Thanks in advance,
  ~Chipleh

  Hi mocca,
  Thanks again for your reply. You are giving me things to re-think about, I thought about all these options yesterday, but now that you mention them as the solutions, I will re-think with more gusto. A few things I'm still dwelling on:
  Why is that an issue?
  Because the users system settings should always override anything that comes from a disk... Same with any programm on my computer, if somwhere from a network/external drive wants to open my browser without my consent, why should it?
  Agreed. It should not. However, per the paradigm of my project on disk, the user launches the browser, the browser loads the swf, but the loading of all the other content is restricted. That seems counter-intuitive - since the user has already launched the main app, they obviously trust the app to run on their box, but they now have to go through an extra 'security layer' step in order to load the accompanying content.
  As per publishing to Air, I tried yesterday and Flash Builder kicked all sorts of errors. I'll try publishing to air more today...
  In the mindset of the great John Peterman: "Ah, the 'client changing requirements', where the client's expectations are high, the knowledge of the "level of effort" is low, and the process is terribly frustrating."
  Thx again,
  Chipleh

• Flash 8 Player security settings Help

  Hi All. Im having some annoying problems with Flash player 8
  (the standalone player not web one).
  I am making a flash portfolio, and am using an XML file to
  import data (such as images and text) into the portfolio at
  runtime.
  Everything works when run in the flash IDE when i run the swf
  (see IDE.gif), but when i run it in local flash standalone player
  (see Player.gif), the images are blocked out (un-masked) - this
  doesnt happen when i view the swf on the web or when i make a
  projector, which makes me think its something to do with flash 8
  player security settings.
  ive already changed the settings, adding the local path of
  the file and the image directories, but still it wont work.
  what other settings do i need to change??
  IDE.gif :
  www.mitchellpage.com.au/temp/IDE.gif
  Player.gif:
  www.mitchellpage.com.au/temp/Player.gif

  AndiMorris wrote:
  > I'm having some trouble with the global security
  settings in Flash Player 8. I
  > have deployed the player successfully using GPO, but now
  have a piece of
  > software (Nelson Thornes) that requires content from
  c:\program files\nelson
  > thornes to be allowed in order to run. Manually enabling
  this using the
  > settings manager works a treat, however it only changes
  it for the current user
  > and I can't find any way of setting it per station so
  that I can package it up
  > and deploy it. I can't expect all of my users to do this
  themselves.
  There is an MMS.cfg file that you can deploy that will allow
  you to
  control this site wide without individual user interaction
  (overriding
  settings manager).
  Start learning here:
  " IT Administration: Configuring Flash Player auto-update
  notification"
  http://www.adobe.com/go/16701594
  Bentley Wolfe
  Senior Support Engineer, Flash/Flash Player
  Adobe