Let's Discuss Flash Security

Similar Messages

• Flash security settings panel

  I am new to FlashPro CS5.  I need to use it with SlideShowPro Director and the associated product 'ThumbGrid'.
  I followed the instructions and settings from SlideShow Pro but nothing happens when I publish.  They say I need to go to the flash security settings panel and add my local folder as a trusted location to execute the files from.
  I cannot find the flash security settings panel.  Can I get a hint on where to find the flash security settings panel. I need to add my local folder as a trusted location to execute the files from
  Has anyone in the forum had experience with SlideShowPro Director or Thumb Grid.

  Its okay continue with the thread, the next thing is about the crossdomain policy, you should also know about that for these kind of issues, let see with the following links:
  http://www.designswan.com/archives/actionscript-30-flashs-security-sandbox.html
  http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/system/Security.h tml?filter_flash=cs5&filter_flashplayer=10.2&filter_air=2.6
  http://kb2.adobe.com/cps/142/tn_14213.html

• Let's discuss my application architecture,and give me your opinions

  hello
  we have several internal systems that are within the same lan and want to communicate with several external systems that may be in the other buildings by using the release line.i am now considering the architecture for the project,and have got an immature blueprint,please help me to make it more perfect by give me your opinions,the scenario as:
  within the lan,there are several systems that are developed by using different languages,let's suppose they are two(named internal1 and internal2),the two systems need to communicate with other two external systems(named external1 and external2) that are also developed by using different languages.all of the communications are bi-direction.there are several combinations:
  1 internal1 <--> internal2
  2 internal1 <--> external1 or external2
  3 internal2 <--> external1 or external2
  in my project,the timelimit is critical,as short as possible.
  according to the mentioned requirements,i decide to develop a infomation exchanging platform by using java which sit in the MIDDLE of the internal and external systems and WITHIN the lan,act as information dispatcher or coordinator,both of the internal system and external system communicate with it only.considering the multi-language and time-critical feature,i choose the way of socket communication among the systems and design a set of xml format internal protocol.otherwise,i think the message middleware are also needed within my project as message buffer.when i deepen into the detailed designing,i get some confusions,let us discuss them as followiing:
  1 if is the socket the good solution for my project?how can i assign the ports?because of the introduction of the information exchanging platform into my project,the communication combination is simplified to "internal system<-->info exchange platform" and "external system<-->info exchange platform",the crucial point for the port designing is how to assign the port in the info exchange platform,that is SERVER socket port.in my designing,i plan to assign different port for each subsystem.thus,the devleopment to the info exchange platform is simplified,that is:when the message comes,i don't need to analyse the xml message to check which system it comes from.but some people suggest me to open ONE port to all the internal systems,and ANOTHER port to all the external sysetms.i don't know which solution is better?if are there some regulations that concern about the socket port assigning?
  2 if is the information exchanging platform needed?some one suggest that subsystems can communicate with each other directly,
  the coordinating platform is not needed.but i think,from the EAI point of view,there should be a adapter between the internal system and external system.
  3 where should i put the message queue server?and if is the mom needed?i plan to use the mq between the exchange platform and external systems ONLY,and it is also within the lan,in my designing,i config two queue for EACH external system,one for incoming message and other for outgoing message,to each queue,i assign a message listener to execute different operations on its "onMessage" method,that is:when the message come from internal system,the exchange platform send them to the exact OUTGOING queue according to the destination of the message,then the listener of the queue call the socket of the according external system and send the message to it.otherwise,when the external system need to send the message to internal system,it call the exact socket port in the exchange platform that is assigned to it as mentioned above,the platform accept the msg,and send them to the exact incoming queue,then the listener deal with the msg and send them to the internal destination.in this solution,i put the mq behind the socket,but someone give me another suggestion,that is i directly put the message queue between the exchange platform and the external systems instead of using the socket as the front-end,all of them send the message to the queue and listen the queue,but i think,in such solution,the external system must listen the queue REMOTELY,is it a good way?
  also,somebody tell me that the exchange platform and remote external system can communicate each other DIRECTLY by socket,the message queue is not needed,i don't make sure if the mq is necessary in my situation?and what is the benefit and disadvantage?
  as for the communication between the internal system and info exchange platform,i think the mq is NOT needed,they can communicate each other directly by socket,furthermore,in my designing,i make them connect to each other FOREVER,that is i don't close the socket after each message transferation,as mentioned above in the issue of the socket assigning,every port in the exchange platform is DEDICATED,that means the port is specific to each system,so that they don't need to create and close socket connection frequently,that will make the program more performant,but if i use one port to listen all the internal system,then the socket must be closed by the end of each transferation because of the block problem,that is just another reason why i use dedicated port connection to each of the internal system.
  4 the another question is the secure issue accompanying by the socket,i think i needn't consider such problem in the internal connection,but to the connection between the platform and external system,the issue become preeminent,that is i must open the socket port in the firewall.but i think the connection between the lan and the external system use special line,not by internet,i wonder if the secure probem is critical in such situation?otherwise,i remember that some kinds of product from visibroker company can solve the firewall socket problem by using the http channel protocol,but i don't remember its name for sure,it seem like is called something gateway.who used such kind thing?and tell me how does it work?

  hello
  we have several internal systems that are within the same lan and want to communicate with several external systems that may be in the other buildings by using the release line.i am now considering the architecture for the project,and have got an immature blueprint,please help me to make it more perfect by give me your opinions,the scenario as:
  within the lan,there are several systems that are developed by using different languages,let's suppose they are two(named internal1 and internal2),the two systems need to communicate with other two external systems(named external1 and external2) that are also developed by using different languages.all of the communications are bi-direction.there are several combinations:
  1 internal1 <--> internal2
  2 internal1 <--> external1 or external2
  3 internal2 <--> external1 or external2
  in my project,the timelimit is critical,as short as possible.
  according to the mentioned requirements,i decide to develop a infomation exchanging platform by using java which sit in the MIDDLE of the internal and external systems and WITHIN the lan,act as information dispatcher or coordinator,both of the internal system and external system communicate with it only.considering the multi-language and time-critical feature,i choose the way of socket communication among the systems and design a set of xml format internal protocol.otherwise,i think the message middleware are also needed within my project as message buffer.when i deepen into the detailed designing,i get some confusions,let us discuss them as followiing:
  1 if is the socket the good solution for my project?how can i assign the ports?because of the introduction of the information exchanging platform into my project,the communication combination is simplified to "internal system<-->info exchange platform" and "external system<-->info exchange platform",the crucial point for the port designing is how to assign the port in the info exchange platform,that is SERVER socket port.in my designing,i plan to assign different port for each subsystem.thus,the devleopment to the info exchange platform is simplified,that is:when the message comes,i don't need to analyse the xml message to check which system it comes from.but some people suggest me to open ONE port to all the internal systems,and ANOTHER port to all the external sysetms.i don't know which solution is better?if are there some regulations that concern about the socket port assigning?
  2 if is the information exchanging platform needed?some one suggest that subsystems can communicate with each other directly,
  the coordinating platform is not needed.but i think,from the EAI point of view,there should be a adapter between the internal system and external system.
  3 where should i put the message queue server?and if is the mom needed?i plan to use the mq between the exchange platform and external systems ONLY,and it is also within the lan,in my designing,i config two queue for EACH external system,one for incoming message and other for outgoing message,to each queue,i assign a message listener to execute different operations on its "onMessage" method,that is:when the message come from internal system,the exchange platform send them to the exact OUTGOING queue according to the destination of the message,then the listener of the queue call the socket of the according external system and send the message to it.otherwise,when the external system need to send the message to internal system,it call the exact socket port in the exchange platform that is assigned to it as mentioned above,the platform accept the msg,and send them to the exact incoming queue,then the listener deal with the msg and send them to the internal destination.in this solution,i put the mq behind the socket,but someone give me another suggestion,that is i directly put the message queue between the exchange platform and the external systems instead of using the socket as the front-end,all of them send the message to the queue and listen the queue,but i think,in such solution,the external system must listen the queue REMOTELY,is it a good way?
  also,somebody tell me that the exchange platform and remote external system can communicate each other DIRECTLY by socket,the message queue is not needed,i don't make sure if the mq is necessary in my situation?and what is the benefit and disadvantage?
  as for the communication between the internal system and info exchange platform,i think the mq is NOT needed,they can communicate each other directly by socket,furthermore,in my designing,i make them connect to each other FOREVER,that is i don't close the socket after each message transferation,as mentioned above in the issue of the socket assigning,every port in the exchange platform is DEDICATED,that means the port is specific to each system,so that they don't need to create and close socket connection frequently,that will make the program more performant,but if i use one port to listen all the internal system,then the socket must be closed by the end of each transferation because of the block problem,that is just another reason why i use dedicated port connection to each of the internal system.
  4 the another question is the secure issue accompanying by the socket,i think i needn't consider such problem in the internal connection,but to the connection between the platform and external system,the issue become preeminent,that is i must open the socket port in the firewall.but i think the connection between the lan and the external system use special line,not by internet,i wonder if the secure probem is critical in such situation?otherwise,i remember that some kinds of product from visibroker company can solve the firewall socket problem by using the http channel protocol,but i don't remember its name for sure,it seem like is called something gateway.who used such kind thing?and tell me how does it work?

• Change Flash Security Settings With No Internet Access?

  Hello
  I have firefox at home with no internet access, is it posible
  to alter my flash installation so it enables access to other
  content. it brings up a settings window but that just goes to a
  dead url.
  I have a a collage disk but it will not run untill I alter
  the settings of flash to allow acess to other site, other location?
  Please help?

  phil ashby wrote:
  > Glad it worked!
  >
  > Urami, I did some fairly extensive tests with this idea
  and it seemed to work
  > each time - although all our corporate machines have the
  same build. Even if
  > the directory didn't exist, if you created it and placed
  the SOL inside, it
  > words. In the end I never actually used it as I
  distributed the app as an exe
  > which doesn't have such draconian security requirements,
  also it obviously
  > overwrites the users original version, if present.
  I agree with you, I tried different SOL editor and it work
  when i tried.
  I believe what I used was more than SOL explorer/reader
  rather then editor
  even tho it has this option is seem the file stop working and
  hence the
  problem I was claiming about the files not work properly.
  Perhaps it was changing something and flash did not like
  these changes.
  Anyhow, I did try another tool and did manage to work.
  Thanks
  > Personally, I think it's a bit of a hole in the whole
  Flash security issue.
  Won't comment on that one :) Something just seem way
  unnecessary and silly...
  Best Regards
  Urami
  !!!!!!! Merry Christmas !!!!!!!
  Happy New Year
  <urami>
  If you want to mail me - DO NOT LAUGH AT MY ADDRESS
  </urami>

• Why won't my mac pro let me reset my security questions?

  why won't my mac pro let me reset my security questions?

  Solution may be found if you search in the "More Like This" section over in the right column. 

• Flash security settings not coming up in Firefox 17.0

  Hi I have been successfully running my web project on Firefox browser till now.
  I am using adobe flash 11.5 version in my project and i am using the same for recording audio and video from webcam and the headsets.
  Before today everything was working quite good ,until..
  I updated my firefox browser to version 17.0 and found that my flash security settings just vanished in the thin air.
  I mean my flash used to show security settings(if the settings are set to deny or ask me mode),but after the update of firefox 17.0 ,i am not getting any security settings windows from flash.
  I am manually changing the settings using control panel.I cant ask my users to do this.
  So please look into this and provide a fix as soon as possible.
  Thanks

  can we get a link to see for ourselves? Or paste the HTML
  code up here (specifically that which embeds the flash in the
  page)

• Flash security settings in javascript

  hello all -   (newbie here)
  is there a way i can read the flash player camera/microphone security settings from javascript?
  i need to be able to determine from jscript if somebody selected "allow" or "deny" for the camera/microphone.
  also, is there a way in jscript i can determine when somebody hits the "close" button in the security question popup?
  i am playing around with the html object-map-coords tags but that does not seem to be working.
  or even better:  can i determine via javascript when somebody hits the "close" button after answering the security questions?
  NOTE:  i dont have any access to the action-script.
  thank you!

  I don't kknow of any easy/automatic way to do it, but It can
  be faked...
  You can put the javascript on the html page calling on the
  flash file. Inside the flash file use a preloader to determine when
  the page is fully loaded. Then instead of just playing the movie
  put in a
  getURL("javascript:name();");
  function to call the javascript once the page is fully
  loaded.
  This will do what you want. However thanks to new flash
  security it probably will not work until you publish the file to a
  server. There may be an easier way but I don't know it.

• Flash Security Settings and Random Questions not Displaying

  Hey folks,
  I created a Captivate 4 project with 3 slides and a question pool of about 70 questions in which I am randomly pulling in. I am using IE7 and Flash 10. Publishing in Flash 10. If I publish or view in Preview in a web browser the project launches, plays the first 3 slides, and then goes blank when the first question should appear. Note: previewing the project AND publishing the project as an .exe does launch and display all the questions correctly. It ends up being a flash security issue. I went to the adobe site and via the Adobe Flash Player Security Manager" I entered in the main .SWF captivate-generated file as a trusted file and then re-ran the published captivate project and it ran correctly. Question is ... what do I need to do to set up flash or my project so I don't have to do this for every new project that I deploy? I don't want to have the users have to go in and add whatever I deploy as a trusted file. It's also a little confusing as to why the first three slides played and it stopped at the questions ... seems like if it's not a trusted file, that it wouldn't run at all.
  Thanks for any help!
  Chris

  Hello again
  I think I'd be investigating a temporary web server to host on until things are ready. Here's where it will help.
  By providing files to the end users, if you are copying files over you end up having to explain how to save the files. You then have to walk them through setting the Flash Security so they can properly view. It all just becomes a pain in the kazoo.
  If you can find some server space, you simply upload the content and provide a link for the users to view the content.
  Other than that, if you are insistent that copying is the way to fly, I might suggest you establish a known location where you want everyone to copy their files. Perhaps C:\TestFolder. Then provide some instruction on how to configure the folder with the relaxed Flash Security. From there forward, anything they copy to the folder should need no security adjustment.
  Cheers... Rick
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks

• Problems with Captivate Redirects, possibly Flash Security and XML

  Hello fellow Captivarians,
  First a little backstory, earlier in the year we developed a course that heavily used external image files, which were gathered and organised through an XML file, then placed into Captivate 4 through a widget. This was all developed in Actionscript 3 and was designed to be accessed locally, on the user's computer from a CD Drive.
  We had a whole deal of issues with Captivate and Flash security issues, finding that we could not get the importing to work correctly in Internet Explorer as it outright refused to import the XML file (Presumably because of security issues). However, Firefox would work fine. Eventually we got it working via a bandaid solution by prepackaging the course with a firefox portable install.
  Now many months later, we have discovered our previous solution still works, but it now outright denies any redirects from HTML page to HTML page, regardless if the content is on the CD or if it's on the harddrive. Buttons that link to external sources will not work, (even if it's just a local page in the same directory).Flash player simply refuses to redirect between HTML pages. We tried some older projects that were developed in AS2 - and this wasn't an issue.
  The odd thing is however, on my computer it still works fine. However, on everyone elses in our office, it will not redirect at all. We are all running the same version of Flash Player, and the same version of Firefox...
  Any ideas? Could it have been a recent update with the Flash Player that prevents this sort of interaction?
  Cheers.

  Hi there
  Have you tried configuring the Flash Security Settings? That's my guess.
  Click here for a tutorial on how to configure
  If this will be on CD-ROM or DVD, you may need to consider adding a light version of a Web Server to the media and launching via that.
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks

• Flash security model; completely confused

  Really, does anybody understand it? Every article I read that
  allows comments, litterelly each comment is one person saying how
  the the previous person(s) are wrong in there interpretation of the
  security model.
  Flash 8 has been out for awhile now, and I've fully read
  dozens of articles and every page in the user reference under AS2.0
  > Learning AS2.0 > Understanding security, and I am still
  utterly confused. Granted, I'm a bit slow with abstract
  comprehension, but I'm getting nowehere. I'm trying to send POST
  data to a remote server. Not trying to receive anything, just
  sending POST. Can't seem to get it to work on a server. What do I
  need to do?
  What I really need is a detailed and concise XYZ list: if you
  want to do X, you have to do ABCD, if you want to do Y, you have to
  do AD, if you want to to Z, you have to do CBA, ect. In that way I
  could at least figure out what it is I have to do, research how to
  do that, and get somewhere. Instead I'm confronted with numerous
  ways of handling security(allowScriptAccess,
  System.security.allowDomain, ExternalInterface, superdomain
  matching rules, creating serverside permission files, creating
  local registration files, different behavior in different SWF
  versions AND different behavior in different SWF Players! And much,
  much more!) And can't figure out what I need to do.
  (Sorry, got a bit ranty there... not blaming MM, it's not
  their fault they had to incorperate security measure)
  All I know is my SWF is not working. I want to be able to
  send some POST data to a remote server, compatable with Flash
  Player 6,7,and 8; I do not need to load any data. What must I do to
  allow this?
  Thanks for any guidence, it is much needed!

  In my case, there was no receiving SWF, only a sending SWF to
  a serverside page(.php or .asp or something, I don't remember).
  I don't even remember what I did to get it to work(my OP was
  5 months ago... clearly someone has been searching for answers on
  Flash security, and, like me 5 months ago, have mostly found
  unsolved/unhelpful questions :-) )... I think I created a
  crossdomain.xml file. In the end, everything was deployed on the
  same domain, I believe the same subdomain as well.
  That is still a helpful tip, though... I'll try my best to
  remember allowDomain() if I ever need cross-domain SWF-to-SWF
  interaction.

• You Tube Widget - Flash Security Settings

  Hello,
  I managed to embed sucessfully a You Tube video by using flash factor widget.  It works when published to a web server no problem.  However it looks like anybody else who views it has to adjust their flash security settings.
  Is there away around this issue?
  Help would be greatly appreciated
  Thankyou
  Alison

  Hi all
  One way past this would be to include and install a light web server known as "Server2Go". It's pretty simple to install and it tricks the Flash Player into thinking the content is running from a server.
  Site to obtain Server2Go:
  http://www.server2go-web.de/
  Instructions for using it with Captivate:
  http://forums.adobe.com/message/892584
  Cheers... Rick
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks

• Flash Security Error

  I how can I solved the Flash Security Error? I can't view a chart that requires Flash.

  Has anyone been able to resolve this issue? There is also a similar older post (http://forums.adobe.com/message/32592#32592) that has not been answered.
  I have a Flex app on my website that downloads a file from the same place. Both are under the root directory. This works fine in IE7, IE9, Firefox, Chrome, and Opera. In IE8 I get the error (error text is "Error #2048"). This is on 32- and 64-bit XP machines.
  I even tried putting a crossdomain xml file (which should not be needed) to no avail.
  Any help would be appreciated.

• HT1918 I'm trying to update my credit card, but it won't let me input the security code.  Does anyone know how to solve this problem?

  I'm trying to update my credit card in ITunes, but it won't let me input the security code.  Does anyone know how to solve this problem?

  Could you give me more details on how it would let you put in the CVV?

• HT1725 I'm trying to buy songs on my iPad and it won't let me because of security questions but I forgot this so how do I resolve it?

  I'm trying to buy songs on my iPad and it won't let me because of security questions but I forgot this so how do I resolve it?

  Call Apple Care for your country and the 1st tier agent should be able to assist you or transfer your call to the Account Security team.

• Setting button on Flash security alert not working

  When I run a .sfw file locally, I receive a Flash Security
  Alert asking if it is ok for the Flash content to communicate with
  the internet. I see two buttons - one is called
  OK and the other is called
  Settings. When I click the Settings button nothing happens.
  Can anyone tell me why?

  How old is your ipod because it could just be getting old.