Security Sandbox Problems
Hi, I am a bit new to the whole actionscript thing but am
trying to include something on my website with buttons which can
load swf files into it. This works fine with locally hosted files
using
this.createEmptyMovieClip("Space",2);
setProperty(Space, _x, 0);
setProperty(Space, _y, 100);
loadMovie("
http://thaone.is-a-geek.net/Images/Buggy.swf",
Space);
for instance, however I am trying to allow a video from
youtube.com to appear in the "Space" movie clip using the following
syntax:
loadMovie("
http://www.youtube.com/p.swf?video_id=uBUNeDtcW2Q&eurl=&iurl=http%3A//sjl-static4.sjl.yout ube.com/vi/uBUNeDtcW2Q/2.jpg&t=OEgsToPDskIo4IP0ppjJgAKgafWqJlLy",
Space);
but it doesn't work properly. I have tried adding the
following but that makes no difference.
System.security.allowDomain("*");
System.security.allowInsecureDomain("*");
When I press Ctrl+Return the page loads ok and when I click
the corresponding button the video does appear but I can't get it
to run and the following error message appears:
*** Security Sandbox Violation ***
Connection to null halted - not permitted from
http://www.youtube.com/p.swf?video_id=uBUNeDtcW2Q&eurl=&iurl=http%3A//sjl-static4.sjl.yout ube.com/vi/uBUNeDtcW2Q/2.jpg&t=OEgsToPDskIo4IP0ppjJgAKgafWqJlLy
-- Remote SWFs may not access local files.
*** Security Sandbox Violation ***
SecurityDomain '
http://www.youtube.com/p.swf?video_id=uBUNeDtcW2Q&eurl=&iurl=http%3A//sjl-static4.sjl.yout ube.com/vi/uBUNeDtcW2Q/2.jpg&t=OEgsToPDskIo4IP0ppjJgAKgafWqJlLy'
tried to access incompatible context '
http://sjl-static4.sjl.youtube.com/vi/uBUNeDtcW2Q/2.jpg'
Any ideas?
I take it that means I can't do anything about it?
I don't suppose there is a way of displaying a webpage within
a flash animation is there? Because that would be good
enough
Similar Messages
-
*** Security Sandbox Violation *** problem
Dear All,
I having the Security problem
My Scinarion
I have an Exe (With SWISH Studio) / Swf file which is on Local Machine calles a swf file which on Server and that Swf file call a XML file which is on a Same Server
While Compiling the SWF file gives the following error message of
*** Security Sandbox Violation ***
SecurityDomain 'http://www.mydomain.com/folder/swfname.swf?mathrand=Wed Apr 8 19:39:27 GMT+0530 2009' tried to access incompatible context 'file:///D|/folder/swfname.swf'
I have already tried for
System.security.allowDomain("*"); and crossdomain.xml
But it dosen't worked for me
I will appriciate if any one can give me a ray of hope to solve this problem
Please give me some solution
Regards
RajDear Kglad,
Thanks for your instant reply as I have already mention I have tried with crossdomain.xml
If you want to check the crossdomain and the fla files then I will mail u the details please provide me the email address
Once again thanks
Regards
Raj -
I get a security sandbox error #2122 when i try to use ImageSnapshot on video player
hey guys... so all my application does is... it has a video player... and when i initiate the component it loads the flv from a different server, and plays the video... now while its playing the video i have a button called capture, and whe you hit that button the user is able to take snapshots of the current frame.
this seems to work perfectly locally, but as soon as i uploaded it to the server i get problems...
the error states:
SecurityError: Error #2122: Security sandbox violation: BitmapData.draw: http://website1.com/Content/swf/oneStopImageVersion.swf cannot access http://website2.com/videos/originals/Grand_Opening.flv. A policy file is required, but the checkPolicyFile flag was not set when this media was loaded.
at flash.display::BitmapData/draw()
at mx.graphics::ImageSnapshot$/captureBitmapData()
at modules.videoHandler::videoHandler/captureVideo()
at modules.videoHandler::videoHandler/___videoHandler_LinkButton3_click()
i have the crossdomain file in the root directory of website2.com, and i have the folloing line of code in there
<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="website1.com"/>
<allow-access-from domain="*.website1.com"/>
<allow-http-request-headers-from domain="*.website1.com" headers="SOAPAction"/>
</cross-domain-policy>
any ideas on how to fix this problem???
my actionscript code is as follows
public function captureVideo():void{
var snapshot:BitmapData = ImageSnapshot.captureBitmapData(videoPlayer.videoDisplay);
initialThumbnail.source = new Bitmap(snapshot); //this is the image tag in my mxml
any help is greatly appretiated!!!!
thanks in advance!any one with ideas???
i've been doing some more research... and found a possible solution... where i could send the video thru a server proxy... but the only thing is doing that might slow down my process... i was wondering if there was any other solution to this problem?? -
Need some help with security sandbox stuff asap please
hey guys... so im trying to do a swfLoader call to a swf on a server from my actionscript on my local machine, when i do that i get the security sandbox violation error.... i tried adding a crossdomain.xml file to the server that has the following code in it
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="SOAPAction"/>
</cross-domain-policy>
and in my actionscript on application initialize i do
initialize="init(); Security.loadPolicyFile('http://myServer.com/crossdomain.xml')"
i also do
Security.allowDomain("http://myServer.com");
any ideas???? oh and i also went to this website http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04a.ht ml and set the always allow trust locations to "/"
any ideas on how i could possible fix this problem?? ive been trying to get around this problem for the last 2 days!!
please help!!!!Hi,
Please use policy file logging to check the exact error. This should shed some light on the problem.The procedure is detailed here.
http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_05.html
Nishad -
Error #2048: Security sandbox violation
I've been developing Flex apps for a couple of years now and feel comfortable with my development environment.
I'm testing out Gumbo in my same environment (new workspace): WAMP based
My test app works fine on my localhost set up... but when I upload the files to my hosted domain server... I get Error #2048: Security sandbox violation.
Specifically:
- I'm invoking an HTTPService by setting the url to a relative path (folder/file in same dir as the swf)
- I set method to POST and useProxy to false
(<fx:Declarations>
<s:HTTPService id="contentService" url="data/verd_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
</fx:Declarations>)
- I wrapped the send call in a try / catch block and show an Alert with the error message in the catch... here's what it says
body = (null)
clientId = "DirectHTTPChannel0"
correlationId = "F4B9A542-8B00-5CDB-3C36-1316919FC255"
destination = ""
extendedData = (null)
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
headers = (Object)#1
DSStatusCode = 0
messageId = "E629F555-EF8B-E535-7CE4-13169662A82A"
rootCause = (flash.events::SecurityErrorEvent)#2
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#3
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#3
text = "Error #2048: Security sandbox violation: http://****.com/Main.swf cannot load data from http://localhost:***/data/verd_content.xml?hostport=***t.com&https=N&id=F4B9A542-8B00-5CDB -3C36-1316919FC255."
type = "securityError"
timestamp = 0
timeToLive = 0
*NOTE: I obfuscated parts of the url for security reasons
I read the other similar posts here about problems like this when using the PHP / Zend set up... but I checked the .actionScriptProperties file and it does not have any URLs in there (like localhost:port#)
I'm not using a service-config.xml file in this project... but I have set up WebORB for PHP servers and use that all the time... so I know how that works...
Is this a bug or am I missing something new in the Gumbo ?
Again: my swf file is in a folder in the webroot on my ISP
also inside that folder is another folder with an XML file in it
I'm setting an HTTPService call using the url parameter on a POST with a relative file path (folder/filename.xml)
changing the url to an absolute makes no difference...
thanks in advance for any helpSure...
here's the code that contains both the HTTPService setup and the URLLoader setup... like i said in the original post.. the HTTPService call throws the error described, whereas the URLLoader call does not:
private var loader : URLLoader = new URLLoader();
private var req : URLRequest = new URLRequest("data/***dant_content.xml");//path obfuscated
protected function Application_creationComplete():void
// This works...
loader.addEventListener( Event.COMPLETE, parseContent );
loader.addEventListener( IOErrorEvent.IO_ERROR, contentFault );
// This does not...
/* contentService.addEventListener( ResultEvent.RESULT, parseContent );
contentService.addEventListener(FaultEvent.FAULT, contentFault ); */
try
loader.load( req );
catch (err:Error)
Alert.show("In Try Catch Error Block: " + err.message);
currentState='home';
the HTTPService was set up like this: (again, i obfuscate the URLs for security)
<fx:Declarations>
<s:HTTPService id="contentService" url="data/***dant_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
</fx:Declarations>
the parseContent function setup in the event listener justs reads the XML file and uses that data to build an image gallery.
hope this helps (for what its worth: I'm not doing anything serious with Gumbo as of yet due to these kinds of bugs) -
BitmapData.draw Security Sandbox and LocalTrusted not working?
Hello there, wondering if anyone else is having the same
problem -- I have a LocalTrusted security sandboxType -- and when i
try to access a BitmapData.draw method on a progressive flv, i get
the error message:
SecurityError: Error #2135: Security sandbox violation:
BitmapData.draw: file://file.swf may not access null. RTMP content
cannot be accessed using this API.
I've rechecked my sandbox type a zillion times, as well as
tried putting allow="*" in the crossdomain policy file ....
is this an error in my security settings -- or is
bitmapdata.draw on video objects now "gone"?Could you try this - Open and swf, rightClick - Goto
settings, then click Advanced. On the webPage click on "Global
Security settings panel".
If you don't find your local directory in there, add it and
see if things work?
If not, it would be good if you could post the chunk of code
which is creating problems. -
AIR, Fonts, CS4 and the security sandbox
I have no idea why embedding fonts in CS4 using library->new font includes every european character EXCEPT polish. You have german, french, spanish, norwegian, but not polish. Well, since embedding a font from Flash is the only way to use bitmap fonts in Flex, I had to create a library of external font files, one SWF per font size and style. Such an SWF exposes several functions, such as returning a ready to use pre-formatted textfield, returning the font name (Such as Tahoma) and the font name you actually need to use (such as Tahoma_13pt_st).
I thought I'd need an AIR application to parse through all the fonts (and there are quite a few) extract the neccesary data, such as font size, name and so on and generate an XML file, so that I can load fonts at dynamic.
The first problem I encountered was the security sandbox. A possible solution was to use the loaderInfo.childSandboxBridge. That approach didn't work however, as I was generating plain SWF files from flash CS4. childSandboxBridge is an AIR property, so I had to create an AIR file and try to set the bridge property to a simple number. So I did, but it gave me a
SecurityError: Error #3206: Caller app:/TahomaBold13.swf cannot set LoaderInfo property childSandboxBridge.
Weird. Well, I reverted the file to plain CS4 FPL10 SWF and decided to try another approach. I first loaded the SWF as a FileStream, then put the bytes into Loader.loadBytes. That should take care of security. And it did, however it created another problem.
The font library relies on being able to enumerate the embeded fonts. The SWF's constructor has a function that enumerates all fonts and isolates the font embeded in the SWF, and then extracts it's properties. When launching the SWF by itself, or loading it from another CS4 FPL10 SWF it launches perfectly and enumerates the fonts as it should. However when the SWF is executed from inside AIR, the constructor located in the font file, as well as a function called from the main application upon executing enumerateFonts(false) both give an empty array. Which is quite weird really, as the loaded SWF contains an input TextField with embedded fonts. And I can edit and type stuff in that textfield, even while it's rotated.
I thought this might be an issue of a different flash player version, but I tried to target AIR 1.5 and flash 9, neither worked and both returned no embeded fonts.
Here's the entire source of the mxml air app
<?xml version="1.0" encoding="utf-8"?>
<mx:WindowedApplication xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute">
<mx:Panel x="0" y="0" width="100%" height="100%" layout="absolute" title="M2C Studio Font Parser Utility">
<mx:VBox x="0" y="0" width="100%" height="100%" paddingRight="10" paddingLeft="10" paddingTop="10" paddingBottom="0">
<mx:HBox x="10" y="10" width="100%" height="95%">
<mx:VBox width="50%" height="100%">
<mx:Label text="Select font directory from filelist below"/>
<mx:FileSystemTree width="100%" height="50%" id="fileTree"/>
<mx:HRule width="100%"/>
<mx:Label text="Fonts list"/>
<mx:Text width="100%" height="50%" id="fontlist"/>
</mx:VBox>
<mx:VRule height="100%"/>
<mx:VBox width="50%" height="100%">
<mx:Label text="XML Output"/>
<mx:TextArea width="100%" height="50%" backgroundColor="#ECE9E9"/>
<mx:Canvas width="100%" height="50%" id="canv">
</mx:Canvas>
</mx:VBox>
</mx:HBox>
<mx:Button label="Generate XML from directory" width="100%" click="handlePress();"/>
</mx:VBox>
</mx:Panel>
<mx:Script>
<![CDATA[
import flash.utils.setInterval;
import com.m2cstudio.archont.utility.fonts.FontLibraryItem;
import com.m2cstudio.archont.utility.fonts.IFontLibraryItem;
import mx.accessibility.AlertAccImpl;
import mx.controls.*;
import mx.events.*;
import mx.controls.Alert;
var rx:RegExp = /^.*\.swf$/;
function handlePress():void
// This also throws an error
//Security.allowDomain("*");
var file:File = fileTree.selectedItem as File;
var aLoad:Array = new Array();
if(!file)
Alert.show("You must select a folder", "Error");
return;
} else if(!file.isDirectory) {
Alert.show("You must select a folder, not a file", "Error");
return;
var aList:Array = file.getDirectoryListing();
for each (var fil:File in aList)
if(!fil.isDirectory)
if(fil.nativePath.match(rx))
// Is swf
var fs:FileStream = new FileStream();
fs.addEventListener(Event.COMPLETE, handleFileStreamLoaded);
fs.openAsync(fil, FileMode.READ);
function handleFileStreamLoaded(e:Event):void
var fs:FileStream = e.target as FileStream;
var ld:Loader = new Loader();
var lc:LoaderContext = new LoaderContext();
var ba:ByteArray = new ByteArray();
lc.allowLoadBytesCodeExecution = true;
fs.readBytes(ba);
fs.close();
ld.contentLoaderInfo.addEventListener(Event.COMPLETE, handleLoaded);
ld.loadBytes(ba, lc);
function handleLoaded(e:Event):void
var cnt:FontLibraryItem = e.target.content as FontLibraryItem;
cnt.rotation=10; // Rotation, just to be sure it's not using system fonts
canv.rawChildren.addChild(cnt);
// This doesn't output anything - neither the main app nor the loaded SWF 'see' any embedded fonts, even though the later uses them!
for each (var f:Font in Font.enumerateFonts(false))
Alert.show(f.fontName, f.fontType);
// This should retrieve the appropriate values but throws an error because the SWF can't grab the Font definition
//Alert.show(cnt.getFontName(), cnt.getFontStyle());
]]>
</mx:Script>
</mx:WindowedApplication>
Here's a screen of what it actually looks like when compiled:
Here's the source of the font library item. Note that the SWF contains only 2 items. A TextField named font with embeded characters and a boolean bt on the first frame.
package com.m2cstudio.archont.utility.fonts
import flash.display.MovieClip;
import flash.text.*;
public dynamic class FontLibraryItem extends MovieClip implements IFontLibraryItem
private var txtFont:TextField;
private var fFont:Font;
public function FontLibraryItem()
super();
// Causes an error - see below why
//init();
public function getFontName():String
return fFont.fontName;
public function getFontType():String
return fFont.fontType;
public function getFontStyle():String
return fFont.fontStyle;
public function getBitmapText():Boolean
return this.bt;
public function getBitmapTextSize():uint
if(this.bt) {
return Number(txtFont.defaultTextFormat.size);
} else {
return 0;
public function hasGlyphs(glyphs:String):Boolean
return fFont.hasGlyphs(glyphs);
public function createTextField():TextField
var tf:TextField = new TextField();
tf.embedFonts = true;
tf.defaultTextFormat = (this.font as TextField).defaultTextFormat;
return tf;
public function init():void
if(this.font) {
txtFont = this.font;
} else {
throw new Error("Document must contain a textfield named 'font' with the embedded font");
var fArr:Array = Font.enumerateFonts(false);
if(fArr.length==0) {
throw new Error("Document does not contain any embeded fonts.");
} else if (fArr.length>1) {
throw new Error("Document must contain not more than one embedded font");
fFont = fArr[0];
I'm hoping some AIR specialists will take a look at this. Frankly I'm stumped. Font support in Flash was always black magic, more or less, so I can only hope this is an issue that can be solved.
Just tell me and I'll provide more source or sceenshots.
Cheers,
-archontI even tried porting the code to Gumbo and running it there - still, no fonts are being enumerated.
If you're too lazy to read the whole above post, here's the problem in one sentence
An SWF that contains a textfield with embedded fonts, when launched by itself succeeds to return the embedded font using Font.enumerateFonts(false), however when loaded using Loader.loadBytes into AIR, it fails to see those fonts even though the textfield in it is displayed and editable.
How do I make the loaded child application and AIR see the embedded font? -
Error 2142 - security sandbox violation
Hi,
I have a problem when I try to compile my player, I get the following error:
SecurityError: Error #2142: Security sandbox violation: local SWF files cannot use the LoaderContext.securityDomain property. file:///C|/development/Flash/Pathe%20ads/New%20cmpt%20sample%20code/AS3ComponentDemoCode% 5Fv2.1/DemoPlayer3Component.swf was attempting to load http://objects.tremormedia.com/embed/swf/acudeo.swf?rand=949275459.
What's odd is that:
1. I have used Security.allowDomain("http://objects.tremormedia.com/"); in the source code
2. This was working fine the day before last!
I have tried adding a crossdomain.xml file in the folder where I build the player, still no joy.
Can anyone help me with this? I tried throughout yesterday to fix it to no avail. I've even tried installing and building the player on a different machine to double check there wasn't something wrong on my PC.
Any help would be great - I'm tearing my hair out!Hi,
If you're still having issues, feel free to reach out to us directly. [email protected] or me personally at [email protected]
Thanks,
Andrew Baisley
Sr Solutions Engineer
Tremor Media -
Flex == Socklet Policy == Security sandbox violation ?!?!?!?!
Please help me with this problem. I'v had this problem for
over a month
I'm trying to connect to my C# server through my Flex client.
Flex client in running on IIS (c:/inetpub/wwwroot)
the policy file in on the root folder of IIS
<?xml
version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" secure="false"
/>
</cross-domain-policy>
1: I tried to use the loadPolicy method before i connect
through sockets
Security.loadPolicyFile("h ttp://localhost/crossdomain.xml");
(space does not exist in real code)
2: flex sends this message to server side while connecting
("<policy-file-request/>") so as soon as i get this message
on server side i read the policy text from crossdomain.xml and i
send ti back to the client.
eventhough i get a security error the client is still able to
connect to the server and send messages but it cannot receive any
message
I get the following security error:
[SecurityErrorEvent
type="securityError" bubbles=false cancelable=false eventPhase=2
text="Error #2048: Security sandbox violation:
file:///C:/Inetpub/wwwroot/ClientFlex/bin-debug/Client.swf cannot
load data from 10.0.0.3:8000."]Error #2048: Security sandbox
violation:
file:///C:/Inetpub/wwwroot/ClientFlex/bin-debug/Client.swf cannot
load data from 10.0.0.3:8000.
y am i still getting this error???????????
some people suggested to read the log files: but i followed
all adobe tutorials to turn os loggin, but couldn't get it to work.
mm.cfg does not exist, log folder for flash player does not exist,
log.txt for flash player does not exists.Hi,
In the move from Flash Player 9 to 10, Adobe increased the security constraints on sockets. If you are using sockets to connect to an "un-trusted" server, then you will still need a Cross-Domain Policy file, however that policy file must also be served up through sockets (not through HTTP).
You will need to run a socket server on the server you are connecting to in order to serve up the appropriate XML document through port 843 (by default). This socket server can be implemented in any number of ways, but I use a Java socket server that Thomas over at LessRain has posted on their blog. You can find it here: http://www.blog.lessrain.com/as3-java-socket-connections-to-ports-below-1024/
Good luck,
Taylor
4Point Solutions Ltd.
http://blogs.4point.com/taylor.bastien/ -
Flash CS5.5: Loading XML-file causes a "Security Sandbox Violation"
Hi,
after upgrading from CS3 to CS5.5, i get a "Security Sandbox Violation" when loading a XML-file. With CS3 everything was fine, but now my file is not working any more. The XML-file and my SWF-file are stored in the same directory and it nether work local nor on the webserver.
I don't know the correct message in english, but flash tells me something like:
"Security Sandbox Violation"
access to file:[]data.xml disconnent - not allowed from file:[]myfile.swf
Why am I not allowed to load an XML-file from the same directory/domain any more? And how can I get my data into my flash-File now?
It doesn't seems to be a Flash-Player-Problem, because an older version with the same code still works. So the problem has to be located in Flash CS5.5
Can anybody help me? Thanks a lot!
SonjaPlease ask such questions on the product specific forums. It is highly doubtful that anyone wil lsee it here.
Mylenium -
Security Sandbox Violation when calling a remote service from a worker
From my application, I make calls to a BlazeDS server, that works fine.
I added a worker that calls the same services on the same server. But then, only for the calls from the worker, I have a Security Sandbox Violation error. I launch the application from FB in debug mode.
This is the message :
Error: [strict] Ignoring policy file at http://xxxxxxxxxxxx/crossdomain.xml due to incorrect syntax. See http://www.adobe.com/go/strict_policy_files to fix this problem.
*** Security Sandbox Violation ***
Connection to http://xxxxxxxxxxxxxx/appstore-admin/messagebroker/amfpolling halted - not permitted from file:///D:/Projects/appstoreClientsNext/MultiAppstoreAdmin/bin-debug/MultiAppstoreAdmin.swf
Error: Request for resource at http://xxxxxxxxxxxxx/appstore-admin/messagebroker/amfpolling by requestor from file:///D:/Projects/appstoreClientsNext/MultiAppstoreAdmin/bin-debug/MultiAppstoreAdmin.swf is denied due to lack of policy file permissions.
What should I do to allow the worker to make remote calls ?I made some progress on this. There are two different cases :
1) The service you want to access has a crossdomain.xml file
All the workers can access the service without a problem.
2) The service you want to access doesn't have a crossdomain.xml file
Whether you launch from FB in debug mode or you put your application on the same server you are trying to access, only the primordial worker will access the service, the other workers will encounter a security error.
I believe this is a bug. Shouldn't a worker have the same access privileges as the primordial worker ? -
Need Help figuring out security sandbox issue after changing webhost
I'm in the process of switching my webhost from 1&1 shared hosting to a dedicated IP address with a smaller company that specializes in Drupal sites and doesn't know much about flash.
1&1 is still the Registrar for my domain, but I've 'parked' YourGods.com on the Holistic servers and have 'pointed' my site to the Holistic DomainNameServers instead of the 1&1 servers.
After doing this, my Flash site (which is based on the Gaia framework) stopped working, and the Flashplayer Debugger, gave me the following errors:
Error: Failed to load policy file from xmlsocket://127.0.0.1:5800
Error: Request for resource at xmlsocket://127.0.0.1:5800 by requestor from http://www.yourgods.com/bin/main.swf has failed because the server cannot be reached.
*** Security Sandbox Violation ***
Connection to 127.0.0.1:5800 halted - not permitted from http://www.yourgods.com/bin/main.swf
Someone helping me on another thread thought 127.0.0.1:5800 might mean the problem had to do with my paths and that I was trying to access something on my local computer, as opposed to being a standard cross-domain issue where one server was trying to access files on another, unrelated server.
Can someone clarify this?
I Googled 127.0.0.1:5800 and found some stuff about loops between a server and the originating computer but I'm really not sure how to put all of this together.
Is there a way (with the flash debugger or other software) to step through my actionscript code with periodic breakpoints so I can figure out what line is causing the problem?
Or a way to figure out if this is a problem between Holistic and my local computer or Holistic and the 1&1 web servers?
Thanks for any help.Thanks Josh.
I finally tracked this down last night with help from the folks at actionscript.org. I hadn't deactivated my Debugger which runs off of a desktop AIR application - so the server was trying to reach my localhost to run its trace statements. Deactivating the Debugger fixed the problem. -
Day 1 Ex. 3 Help! Error: Security Sandbox Violation
When I run the solution code in Flex Builder, I get a ***
Security Sandbox Violation *** message when debugging. Although,
when I changed my default browser to Safari, everything seemed to
work fine. Also, when I go directly to the bin-debug folder and
opened the "AdobeODT.html" file, the data from the xml file loads
properly. I played around with the "crossdomain.xml" solutions I've
been finding on the net, but couldn't get it to work. Anyone else
running into this problem? Any help would be greatly appreciated.
Thanks.
Running:
Mac OS X 10.5.6
Flex Builder 3
FireFox (current)
Safari (current)
Opera (current)Hi everybody who is experiencing this same problem. A little
research online directed me to the following page
http://www.jetbrains.net/jira/browse/IDEA-21996.
Which contains a good explanation why this is happening:
quote:
A SWF file can access one type of external resource only,
either local or over a network; it cannot access both types. You
determine the type of access allowed by the SWF file by using the
use-network flag when you compile your application. When
use-network flag is set to false, you can access resources in the
local filesystem, but not over the network. The default value is
true, which allows you to access resources over the network, but
not in the local filesystem.
So a sollution for this problem is:
quote:
you may specify the following string in "Additional compiler
options" at "Flex Compiler Settings" tab: -use-network=false
Hope this helps all of you experiencing this problem. -
*** Security Sandbox Violation *** when calling a You Tube video
Hi,
I get an error when I run my SWF, it says
*** Security Sandbox Violation ***
SecurityDomain 'http://s.ytimg.com/yt/swfbin/apiplayer3-vflS6GT64.swf' tried to access incompatible context 'file:///C|/Users/mww/web/crafty%20copy/10%2D11.swf'
My code is
// start of code
Security.allowDomain("www.youtube.com");
var my_playerbject;
var my_loader:Loader = new Loader();
my_loader.load(new URLRequest("http://www.youtube.com/apiplayer?version=3"));
my_loader.contentLoaderInfo.addEventListener(Event .INIT, onLoaderInit);
function onLoaderInit(e:Event):void{
movArticles.movArticle2.videoPlayerHolder.videoMov 2.addChild(my_loader);
my_player = my_loader.content;
my_player.addEventListener("onReady", onPlayerReady);
function onPlayerReady(e:Event):void{
my_player.setSize(640,360);
my_player.cueVideoById("CtOj8kpLIlI",0);
// end of code
Any help would be much apreciated, ThanksI tried adding those, as well as these :
Security.allowDomain("www.youtube.com");
Security.allowDomain("s.ytimg.com");
Security.allowDomain("s2.ytimg.com");
Security.allowDomain("*.youtube.com");
Security.allowDomain("*.ytimg.com");
Security.allowDomain("com.google.utils.SafeLoader");
Security.allowDomain("http://s.ytimg.com");
Security.allowDomain("http://www.youtube.com/apiplayer?version=3");
Security.allowDomain("o-o.preferred.lhr14s07.v15.lscache6.c.youtube.com");
Security.allowDomain("i1.ytimg.com");
Security.allowDomain("i2.ytimg.com");
Security.allowDomain("i3.ytimg.com");
Security.allowDomain("i4.ytimg.com");
Security.allowDomain("http://www.youtube.com");
Security.allowDomain("googleads.g.doubleclick.net");
Security.allowDomain("gdata.youtube.com");
Security.allowDomain("http://s0.2mdn.net");
Security.allowDomain("http://pagead2.googlesyndication.com");
Security.loadPolicyFile("http://www.youtube.com/crossdomain.xml");
Security.loadPolicyFile("http://s2.youtube.com/crossdomain.xml");
Security.loadPolicyFile("www.youtube.com");
Security.loadPolicyFile("http://www.youtube.com");
Security.loadPolicyFile("s.ytimg.com");
Security.loadPolicyFile("http://s.ytimg.com");
Security.loadPolicyFile("s2.ytimg.com");
Security.loadPolicyFile("i1.ytimg.com");
Security.loadPolicyFile("i2.ytimg.com");
Security.loadPolicyFile("i3.ytimg.com");
Security.loadPolicyFile("googleads.g.doubleclick.net");
Security.loadPolicyFile("gdata.youtube.com");
Security.allowInsecureDomain("www.youtube.com");
Security.allowInsecureDomain("http://www.youtube.com");
Security.allowInsecureDomain("*.youtube.com");
Security.allowInsecureDomain("s.ytimg.com");
Security.allowInsecureDomain("http://s.ytimg.com");
Security.allowInsecureDomain("s2.ytimg.com");
Security.allowInsecureDomain("*.ytimg.com");
Security.allowInsecureDomain("i1.ytimg.com");
Security.allowInsecureDomain("i2.ytimg.com");
Security.allowInsecureDomain("i3.ytimg.com");
Security.allowInsecureDomain("googleads.g.doubleclick.net");
Security.allowInsecureDomain("gdata.youtube.com")
YouTube's own ActionScript player example gives the same warnings. I think it might be something to do with the way the API is loaded, because instead of using a Loader & URLRequest I use:
<s:SWFLoader id="swfload" source="http://www.youtube.com/apiplayer?version=3"/>
Then in ActionScript:
protected var player:Object;
player=swfload.content;
Then access the API like this:
player.setPlaybackQuality(q);
Every attempt I made to use a Loader resulted in an error when accessing the API: "Access of undefined property setPlaybackQuality", but when loaded into an Object like YouTube's own example, Flex does not check for these functions before compiling and accesses them after they have loaded. I tried finding out about bridges among other things, but even the YouTube forums cannot answer this one and it is a common problem.
Security.allowDomain("www.youtube.com");
Security.allowDomain("s.ytimg.com");
Security.allowDomain("s2.ytimg.com");
Security.allowDomain("*.youtube.com");
Security.allowDomain("*.ytimg.com");
Security.allowDomain("com.google.utils.SafeLoader");
Security.allowDomain("http://s.ytimg.com");
Security.allowDomain("http://www.youtube.com/apiplayer?version=3");
Security.allowDomain("o-o.preferred.lhr14s07.v15.lscache6.c.youtube.com");
Security.allowDomain("i1.ytimg.com");
Security.allowDomain("i2.ytimg.com");
Security.allowDomain("i3.ytimg.com");
Security.allowDomain("i4.ytimg.com");
Security.allowDomain("http://www.youtube.com");
Security.allowDomain("googleads.g.doubleclick.net");
Security.allowDomain("gdata.youtube.com");
Security.allowDomain("http://s0.2mdn.net");
Security.allowDomain("http://pagead2.googlesyndication.com");
Security.loadPolicyFile("http://www.youtube.com/crossdomain.xml");
Security.loadPolicyFile("http://s2.youtube.com/crossdomain.xml");
Security.loadPolicyFile("www.youtube.com");
Security.loadPolicyFile("http://www.youtube.com");
Security.loadPolicyFile("s.ytimg.com");
Security.loadPolicyFile("http://s.ytimg.com");
Security.loadPolicyFile("s2.ytimg.com");
Security.loadPolicyFile("i1.ytimg.com");
Security.loadPolicyFile("i2.ytimg.com");
Security.loadPolicyFile("i3.ytimg.com");
Security.loadPolicyFile("googleads.g.doubleclick.net");
Security.loadPolicyFile("gdata.youtube.com");
Security.allowInsecureDomain("www.youtube.com");
Security.allowInsecureDomain("http://www.youtube.com");
Security.allowInsecureDomain("*.youtube.com");
Security.allowInsecureDomain("s.ytimg.com");
Security.allowInsecureDomain("http://s.ytimg.com");
Security.allowInsecureDomain("s2.ytimg.com");
Security.allowInsecureDomain("*.ytimg.com");
Security.allowInsecureDomain("i1.ytimg.com");
Security.allowInsecureDomain("i2.ytimg.com");
Security.allowInsecureDomain("i3.ytimg.com");
Security.allowInsecureDomain("googleads.g.doubleclick.net");
Security.allowInsecureDomain("gdata.youtube.com") -
This bug has been around for over a year: SecurityError: Error #2123: Security sandbox violation
Hi,
The bug of 'SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: file:///xxx/xxx.swf cannot access rtmfp://fms4.acrobat.com/cocomo/na2-sdk-xxx/xxx. No policy files granted access.' was first reported in lccs forum over a year ago:
http://forums.adobe.com/message/2803074
But the bug is still around. The bug can be generated by calling BitmapData.draw() on a flash.media.Video object which is attached to a p2p stream. It looks like the solution is to have the publisher to call:
send("|RtmpSampleAccess", true, true)
on the NetStream object _before_ the subscriber calls NetStream.play(), in order to give the permission to subscribers for audio and video streams.
In lccs library, the above permission authorisation happens in WebcamPublisher:
protected function onNetStatus(p_evt:NetStatusEvent):void
if (p_evt.info.code=="NetStream.Connect.Success") {
setTimeout(sendSnapShotPermission, 500);
_stream.send("|RtmpSampleAccess", true, true);
protected function sendSnapShotPermission():void
_stream.send("|RtmpSampleAccess", true, true);
but it doesn't help the problem. In fact, it is not clear to me when this 'snap shot permission' is sent to the subscriber.
One more note: This is not a critisism for the lccs development quality, but rather a question on how ready lccs is for production use. After encountering this bug, I had to go through the lccs code (the open source parts), and found out that the library is not really written, well, carefully, and it is full of temporary quick-n-dirty fixes.
For instance in the above example, sendSnapShotPermission() is called after 500 milliseconds, probably to allow something to happen before calling the method, but how can you be sure that it will happen in 500 milliseconds? Probably,an event listener should have been used. Immediately in the next line, we see:
_stream.send("|RtmpSampleAccess", true, true);
which is a duplicate of sendSnapShotPermission(). many examples like this can be found throughout the library.
AurelianoHi Nigel,
Two questions:
1. When the publisher sends the access permission to the subcriber by:
netStream.send("|RtmpSampleAccess", true, true)
, on the subscriber side, what event or function can handle the guaranteed receipt of the access permission? Currently it is possible to draw the incoming stream video upon receiving NetStream.Play.Star and waiting for 5 seconds or so:
public class MyWebcamSubscriber extends WebcamSubscriber {
override protected function layoutCameraStreams():void
// trying the event listener seems to work here.
_streamManager.addEventListener(NetStatusEvent.NET_STATUS, onNetStatus);
override protected function onNetStatus(e:NetStatusEvent):void
super.onNetStatus(e);
case "NetStream.Play.Start":
setTimeout(function():void {
// draw the video from the incoming stream here.
}, 5000);
The questions is, which event can let the subscriber know that it has the access permission to the video stream?
2. In WebcamPublisher, why is that the access permission is sent 3 times?
a. Once on receiving NetStream.Connect.Success with 0.5 second delay, as in below.
b. Once immediately upon receiving NetStream.Connect.Success, as in below.
protected function onNetStatus(p_evt:NetStatusEvent):void
if (p_evt.info.code=="NetStream.Connect.Success") {
setTimeout(sendSnapShotPermission, 500);
_stream.send("|RtmpSampleAccess", true, true);
protected function sendSnapShotPermission():void
_stream.send("|RtmpSampleAccess", true, true);
c. Once in onConnectionTypeChange() with 2 seconds delay:
protected function onConnectionTypeChange(p_evt:StreamEvent):void
if ( _streamManager.isP2P) {
_stream= new NetStream(_connectSession.sessionInternals.session_internal::connection as NetConnection,NetStream.DIRECT_CONNECTIONS);
setTimeout(sendSnapShotPermission, 2000);
Maybe you are looking for
-
Embedding Flash in HTML using Dreamweaver - stopped working
Hi all, not really sure what's going on, but I've done this many times before and it's worked fine. I've previously embedding Flash videos I've created in Premiere and/or converted using other software. I simply drag and drop the Flash file where I
-
Install OS X 10.5 on powerbook G4 help
i need to upgrade my operating system from tiger 10.4.11 to leopard 10.5. my computer meets all the tech specs but i wanted to find out of i can install any version of leopard OS X 10.5 (e.g. 10.5.6) or if i have to start at OS X 10.5 and then update
-
Return results from ADEP in AS3 Arrays, not ArrayCollections
Hi all, Is there any way to force ADEP to return results from data services in simple AS3 Arrays, not ArrayCollections? Here are my situation: In my project I use ADEP Data Management Services. To connect to ADEP services we use RTMP channel defined
-
Why does my iPad not show up in manage storage?
Why does my iPad not show up in manage storage?
-
would you help me about meaning of cross listing and how to create cross listing ? best regards, jin dal