Security sandbox question
Hi everyone,
I'm working on a project with a lot with external data (xml
files, images, video), each time I publish a new swf, I have to
right click in the flashplayer window and go to the settings
manager page otherwise I get the SecurityError warning. I know
that's the normal behavior of the flash player, but I was just
wondering, how would I be able to do this if I have no network
connection?
If there is a way to change this, please let me know,
thanks
Have you seen this doc:
http://livedocs.adobe.com/flex/2/docs/00001953.html
Tracy
Similar Messages
-
Flash Player Security Sandbox Question
Hi,
We have an SWF file with another SWF file inside of it and a FLV that plays on load.
The address is http://www.inteletravel.com/Movie.cfm
However, we offer independent travel agents specialized sub domains like samgibson.inteletravel.com that are virtually set up. However, with these sub domains only the root blue SWF shows up. The player controls nor the FLV video itself appear.
Ww tried an XML cross domain policy file with no luck even though ithas worked for us with multiple sites in the past.
Any suggestions would be most appreciated.
Thanks.I just tried the link for FP for ActiveX (Internet Explorer) in Pat Willener's above reply, and the link did not work. Received this reply from Internet Explorer:
Oops! This link appears to be broken.
Did you mean: macromedia.com
I tried copying the url from the Properties of the link, and pasting it into a fresh browser window. Same result.
Is there an updated link available, that works?
Sincerely,
SpaceAdventurer -
Flash CS5.5: Loading XML-file causes a "Security Sandbox Violation"
Hi,
after upgrading from CS3 to CS5.5, i get a "Security Sandbox Violation" when loading a XML-file. With CS3 everything was fine, but now my file is not working any more. The XML-file and my SWF-file are stored in the same directory and it nether work local nor on the webserver.
I don't know the correct message in english, but flash tells me something like:
"Security Sandbox Violation"
access to file:[]data.xml disconnent - not allowed from file:[]myfile.swf
Why am I not allowed to load an XML-file from the same directory/domain any more? And how can I get my data into my flash-File now?
It doesn't seems to be a Flash-Player-Problem, because an older version with the same code still works. So the problem has to be located in Flash CS5.5
Can anybody help me? Thanks a lot!
SonjaPlease ask such questions on the product specific forums. It is highly doubtful that anyone wil lsee it here.
Mylenium -
BitmapData.draw() SecurityError: Security sandbox violation
i am loading and playing a local video file with appendBytes() and when i call a bitmapData.draw() function
below exception comes up.
SecurityError: Error #2123: Security sandbox violation: BitmapData.draw
cannot access null. No policy files granted access.
what should i do???....Sir i already mention in my last message i test it with both relative and absolute.
Yes i khow relative paths works fine when i do some thing like this
<mx:VideoDisplay x="0" y="0" width="516" height="379" source="../user_data/uploads/cd73502828457d15655bbd7a63fb0bc8/v/1345023450-Action_.flv"/>
bitmap.draw works fine in above case but my scenario is different i am loading a complete video as bytearray before playing and play video from that bytes
private function fileLoaderComplete(event:Event):void
//Pass the loaded bytes to player
player.AddVideo(urlLoader.data);
//This is Add video Function in Player.mxml
public function AddVideo(VideobyteArray:ByteArray):void
if(ns == null)
var nc:NetConnection = new NetConnection();
nc.connect(null);
ns = new NetStream(nc);
// ns.checkPolicyFile = true;
ns.soundTransform = new SoundTransform(0.0);
ns.client = this;
ns.addEventListener(NetStatusEvent.NET_STATUS, nsStatus);
videoData = VideobyteArray;
GetTags(videoData);
ns.play(null);
ns.appendBytesAction(NetStreamAppendBytesAction.RESET_BEGIN);
ns.appendBytes(VideobyteArray);
video.attachNetStream(ns);
playBar.TogglePlay(true);
i think its a bug in flash sdk 4.6 (Flash Player 11)
bitmap.draw function somehow conflicts with the appendBytesAction or appendBytes
this question is posted on ActionScript 3.0 forum before
http://forums.adobe.com/message/4650890#4650890
http://flash.bigresource.com/flash-use-BitmapData-draw-with-NetStream-appendBytes--iTNz6LV JM.html
http://stackoverflow.com/questions/5607047/how-can-i-use-bitmapdata-draw-with-netstream-ap pendbytes -
This bug has been around for over a year: SecurityError: Error #2123: Security sandbox violation
Hi,
The bug of 'SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: file:///xxx/xxx.swf cannot access rtmfp://fms4.acrobat.com/cocomo/na2-sdk-xxx/xxx. No policy files granted access.' was first reported in lccs forum over a year ago:
http://forums.adobe.com/message/2803074
But the bug is still around. The bug can be generated by calling BitmapData.draw() on a flash.media.Video object which is attached to a p2p stream. It looks like the solution is to have the publisher to call:
send("|RtmpSampleAccess", true, true)
on the NetStream object _before_ the subscriber calls NetStream.play(), in order to give the permission to subscribers for audio and video streams.
In lccs library, the above permission authorisation happens in WebcamPublisher:
protected function onNetStatus(p_evt:NetStatusEvent):void
if (p_evt.info.code=="NetStream.Connect.Success") {
setTimeout(sendSnapShotPermission, 500);
_stream.send("|RtmpSampleAccess", true, true);
protected function sendSnapShotPermission():void
_stream.send("|RtmpSampleAccess", true, true);
but it doesn't help the problem. In fact, it is not clear to me when this 'snap shot permission' is sent to the subscriber.
One more note: This is not a critisism for the lccs development quality, but rather a question on how ready lccs is for production use. After encountering this bug, I had to go through the lccs code (the open source parts), and found out that the library is not really written, well, carefully, and it is full of temporary quick-n-dirty fixes.
For instance in the above example, sendSnapShotPermission() is called after 500 milliseconds, probably to allow something to happen before calling the method, but how can you be sure that it will happen in 500 milliseconds? Probably,an event listener should have been used. Immediately in the next line, we see:
_stream.send("|RtmpSampleAccess", true, true);
which is a duplicate of sendSnapShotPermission(). many examples like this can be found throughout the library.
AurelianoHi Nigel,
Two questions:
1. When the publisher sends the access permission to the subcriber by:
netStream.send("|RtmpSampleAccess", true, true)
, on the subscriber side, what event or function can handle the guaranteed receipt of the access permission? Currently it is possible to draw the incoming stream video upon receiving NetStream.Play.Star and waiting for 5 seconds or so:
public class MyWebcamSubscriber extends WebcamSubscriber {
override protected function layoutCameraStreams():void
// trying the event listener seems to work here.
_streamManager.addEventListener(NetStatusEvent.NET_STATUS, onNetStatus);
override protected function onNetStatus(e:NetStatusEvent):void
super.onNetStatus(e);
case "NetStream.Play.Start":
setTimeout(function():void {
// draw the video from the incoming stream here.
}, 5000);
The questions is, which event can let the subscriber know that it has the access permission to the video stream?
2. In WebcamPublisher, why is that the access permission is sent 3 times?
a. Once on receiving NetStream.Connect.Success with 0.5 second delay, as in below.
b. Once immediately upon receiving NetStream.Connect.Success, as in below.
protected function onNetStatus(p_evt:NetStatusEvent):void
if (p_evt.info.code=="NetStream.Connect.Success") {
setTimeout(sendSnapShotPermission, 500);
_stream.send("|RtmpSampleAccess", true, true);
protected function sendSnapShotPermission():void
_stream.send("|RtmpSampleAccess", true, true);
c. Once in onConnectionTypeChange() with 2 seconds delay:
protected function onConnectionTypeChange(p_evt:StreamEvent):void
if ( _streamManager.isP2P) {
_stream= new NetStream(_connectSession.sessionInternals.session_internal::connection as NetConnection,NetStream.DIRECT_CONNECTIONS);
setTimeout(sendSnapShotPermission, 2000); -
Security Sandbox Violation Crashes Photoshop
====================================================
Problem:
====================================================
I have a Photoshop extension whose main app launches a popup window, and that popup window displays an image via a HTTP source and it has a custom event. When a button click dispatches that custom event, and that event listener opens a local file on the system, Photoshop crashes after a Security Sandbox Violation.
I am building a demo that incorporates LiveCycle DataServices and ColdFusion to synchronize data between a web application and the extension. Part of the application includes previewing images from the extension over HTTP. However, to open the image in PS after viewing the preview, I use the Photoshop DOM method open(filePath) which accesses the local file system.
The problem seems to be that network access and local file access are mutually exclusive in Flash/Flex. If I use the -use-network=false compiler option, then the image will open properly via the DOM, but then I would not be able to preview the images over HTTP.
Questions:
1) Is there a way in the CS SDK to enable *both* local file system access *and* network access?
2) If not, then can you suggest a workaround?
3) Would you agree that this would be a defect in Photoshop and that PS should not crash upon a Flash Player security exception?
Thank you,
Steven Erat
====================================================
Environment
====================================================
Photoshop CS5 Extended 12.01 x32
Flash Builder 4
CS SDK 1.02
Extension Builder SDK 3.4
MacBook Pro / OS X 10.5 / Intel Core 2 Duo 2.66 GHz / Procs: 1 / Cores: 2 / Memory: 8 GB
App configured for Photoshop CS5 and Photoshop CS5 Extended
====================================================
NewsAgencyPhotos.mxml (the main app)
====================================================
<?xml version="1.0" encoding="utf-8"?>
<mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" xmlns="com.stevenerat.news.*"
horizontalScrollPolicy="off" verticalScrollPolicy="off" verticalGap="0"
layout="vertical" horizontalAlign="left" backgroundColor="#353535"
historyManagementEnabled="false"
creationComplete="getPhotos();">
<mx:Script>
<![CDATA[
... public var selectedPhoto:String;
public function handlePhotoClick(data:Object):void {
var PreviewImageWindow:PreviewImage = PreviewImage(PopUpManager.createPopUp(this,PreviewImage,true));
var filePath:String = data.dirPath + data.fileName;
PreviewImageWindow.addEventListener("openImageEvent",handleImageOpenEvent);
PreviewImageWindow.setFileName(data.fileName);
PreviewImageWindow.setFilePath(filePath);
PreviewImageWindow.y = 0;
PreviewImageWindow.x = 0;
private function handleImageOpenEvent(event:Event):void{
dump(event);
public function dump(obj:Object):void{
trace(mx.utils.ObjectUtil.toString(obj));
====================================================
PreviewImage.mxml (the popup)
====================================================
<?xml version="1.0" encoding="utf-8"?>
<mx:TitleWindow xmlns:mx="http://www.adobe.com/2006/mxml" title="Preview Image"
creationComplete="init();">
<mx:Metadata>
[ Event( name="openImageEvent", type="flash.events.Event") ]
</mx:Metadata>
<mx:Script>
<![CDATA[
public function init():void{
this.title = 'Previewing: ' + fileName;
previewImg.source = "http://localhost:8500/LR_AUTO/imported/previews/" + fileName;
previewImg.visible = true;
imgProgressBar.visible=true;
private function openImage():void{
NewsAgencyPhotoshop.open(this.filePath);
var openImageEvent:Event = new Event("openImageEvent");
dispatchEvent(openImageEvent);
closePopup();
<mx:Button id="btnOpen" label="OPEN" visible="false" click="openImage()"/>
====================================================
NewsAgencyPhotoshop.as
====================================================
public static function open(filePath:String):void
var app:Application = Photoshop.app;
var file:File = new File(filePath);
app.open(file);
====================================================
Extension Builder console output
====================================================
[SWF] StageManager-2.0.swf - 1,188,270 bytes after decompression
2/15/2011 10:37:57.747 [INFO] com.adobe.csxs.stagemanager.StageManager creationComplete()
2/15/2011 10:37:57.765 [INFO] com.adobe.csxs.stagemanager.external.ExternalEventReceiver ExternalInterface callback registered.
2/15/2011 10:37:57.767 [INFO] com.adobe.csxs.stagemanager.external.CSXSEventReceiver ExternalInterface callback registered.
2/15/2011 10:37:57.770 [INFO] com.adobe.csxs.command.GetPendingStageManagerIdCommand calling GetPendingStageManagerId through ExternalInterface
2/15/2011 10:37:57.784 [INFO] com.adobe.csxs.command.GetPendingStageManagerIdCommand execute() PlugPlug returned StageManager ID.
2/15/2011 10:37:57.828 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension CH
2/15/2011 10:37:57.829 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension com.example.helloworld.extension1
2/15/2011 10:37:57.830 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension BASICAMFCONNECTOR
2/15/2011 10:37:57.830 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension CSREVIEW
2/15/2011 10:37:57.831 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension HELLOPHO
2/15/2011 10:37:57.831 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension KLR
2/15/2011 10:37:57.831 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension com.stevenerat.news.extension1
2/15/2011 10:37:57.832 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension CREATENEWCSREVIEW
2/15/2011 10:37:57.832 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension NETAVERAGES
2/15/2011 10:37:57.833 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension com.adobe.rc.mymessages
2/15/2011 10:37:57.834 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension CHWE
2/15/2011 10:37:57.834 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension com.adobe.rc.operationalmessages
2/15/2011 10:37:57.834 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension STORY
2/15/2011 10:37:57.835 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension FRIO
2/15/2011 10:37:57.835 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension MINIBR
2/15/2011 10:37:57.836 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension BLCSLIVE
2/15/2011 10:37:57.837 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension CHSIGNIN
2/15/2011 10:37:57.837 [INFO] com.adobe.csxs.stagemanager.model.ExtensionManager Adding extension swfpanel-onOne-0
2/15/2011 10:37:57.838 [INFO] com.adobe.csxs.stagemanager.extension.impl.ExtensionLoader ExtensionLoader() registering ExternalInterface callback loadExtension
2/15/2011 10:37:57.839 [INFO] com.adobe.csxs.stagemanager.extension.impl.ExtensionLoader ExtensionLoader() registering ExternalInterface callback unloadExtension
2/15/2011 10:37:57.840 [INFO] com.adobe.csxs.stagemanager.extension.impl.ExtensionLoader checkLoadingQueue()
2/15/2011 10:37:57.842 [INFO] com.adobe.csxs.command.GetLoadingQueueCommand calling GetLoadingQueue through ExternalInterface
2/15/2011 10:37:57.846 [INFO] com.adobe.csxs.command.GetLoadingQueueCommand execute() PlugPlug returned extensions to be loaded.
2/15/2011 10:37:57.847 [INFO] com.adobe.csxs.stagemanager.extension.impl.ExtensionLoader loadExtension() com.stevenerat.news.extension1
2/15/2011 10:37:57.851 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowManager Extension com.stevenerat.news.extension1 is not a plugin extension -> validating.
2/15/2011 10:37:57.857 [INFO] com.adobe.csxs.stagemanager.security.impl.ExtensionValidator In debug mode the extension signature is not validated.
2/15/2011 10:37:57.861 [INFO] com.adobe.csxs.command.SetExtensionSignedCommand calling SetIsSigned through ExternalInterface
2/15/2011 10:37:58.071 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowManager doLoadExtension() Extension com.stevenerat.news.extension1 loaded.
2/15/2011 10:37:58.185 [INFO] com.adobe.csxs.stagemanager.window.ExtensionWindow onCreationComplete()
[SWF] Users/stevenerat/Library/Application Support/Adobe/CS5ServiceManager/extensions/com.stevenerat.news/NewsAgencyPhotos.swf - 1,958,036 bytes after decompression
2/15/2011 10:37:58.398 [INFO] com.adobe.csxs.stagemanager.window.ExtensionWindow Loading of extension com.stevenerat.news.extension1 complete.
2/15/2011 10:37:58.400 [INFO] com.adobe.csxs.stagemanager.window.impl.SWFEventDispatcher Loading of extension com.stevenerat.news.extension1 complete.
2/15/2011 10:37:58.503 [INFO] com.adobe.csxs.stagemanager.external.CSXSEventReceiver receiveExternalEvent() dispatching CSXSEvent to all extensions...
2/15/2011 10:37:58.504 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowManager Dispatching event of type com.adobe.csxs.internally.events.BroadcastEvent to all extensions.
2/15/2011 10:37:59.426 [INFO] com.adobe.csxs.stagemanager.extension.impl.ExtensionLifeCycleNotifier onExtensionComplete()
2/15/2011 10:37:59.428 [INFO] com.adobe.csxs.command.SetExtensionLoadedCommand calling SetIsLoaded through ExternalInterface
2/15/2011 10:37:59.430 [INFO] com.adobe.csxs.stagemanager.extension.impl.ExtensionLifeCycleNotifier dispatchInvokeEvent()
2/15/2011 10:37:59.433 [INFO] com.adobe.csxs.command.CheckStartOnEventCommand calling CheckStartOnEvent through ExternalInterface for com.stevenerat.news.extension1
2/15/2011 10:37:59.437 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowStateManager onExtensionComplete()
2/15/2011 10:37:59.445 [INFO] com.adobe.csxs.stagemanager.window.impl.SWFEventDispatcher dispatchEventToExtension() Dispatching event of type com.adobe.csxs.events::StateChangeEvent to extension com.stevenerat.news.extension1
2/15/2011 10:37:59.451 [INFO] com.adobe.csxs.stagemanager.external.CSXSEventReceiver receiveExternalEvent() dispatching CSXSEvent to all extensions...
2/15/2011 10:37:59.451 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowManager Dispatching event of type com.adobe.csxs.internally.events.BroadcastEvent to all extensions.
2/15/2011 10:37:59.488 [INFO] com.adobe.csxs.stagemanager.external.CSXSEventReceiver receiveExternalEvent() dispatching CSXSEvent to all extensions...
2/15/2011 10:37:59.488 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowManager Dispatching event of type com.adobe.csxs.internally.events.BroadcastEvent to all extensions.
2/15/2011 10:38:03.763 [INFO] com.adobe.csxs.stagemanager.window.impl.SWFEventDispatcher dispatchEventToExtension() Dispatching event of type com.adobe.csxs.events::StateChangeEvent to extension com.stevenerat.news.extension1
2/15/2011 10:38:16.926 [INFO] com.adobe.csxs.stagemanager.window.impl.SWFEventDispatcher dispatchEventToExtension() Dispatching event of type com.adobe.csxs.events::StateChangeEvent to extension com.stevenerat.news.extension1
2/15/2011 10:38:17.236 [INFO] com.adobe.csxs.stagemanager.external.CSXSEventReceiver receiveExternalEvent() dispatching CSXSEvent to all extensions...
2/15/2011 10:38:17.237 [INFO] com.adobe.csxs.stagemanager.window.impl.WindowManager Dispatching event of type com.adobe.csxs.internally.events.BroadcastEvent to all extensions.
*** Security Sandbox Violation ***
SecurityDomain 'http://localhost:8500/LR_AUTO/imported/ERAT_STEVEN_20110122_060.jpg' tried to access incompatible context 'app:/StageManager-2.0.swf'I solved this issue by creating a symbolic link on the file system so that my CS SDK project src folder now sees the directory in the file system webroot that it was previously accessing images over HTTP. The extension only sees resources over the local filesystem, not the network.
A bit of a kludge, but it would be great to have the CS SDK APE player provide a way to access the network and the file system. At the moment, I'm not aware of one.
And I'll just add that although I have a workaround, it still seems like a defect that PS would crash on a sandbox exception.
Thanks for reading! -
I get a security sandbox error #2122 when i try to use ImageSnapshot on video player
hey guys... so all my application does is... it has a video player... and when i initiate the component it loads the flv from a different server, and plays the video... now while its playing the video i have a button called capture, and whe you hit that button the user is able to take snapshots of the current frame.
this seems to work perfectly locally, but as soon as i uploaded it to the server i get problems...
the error states:
SecurityError: Error #2122: Security sandbox violation: BitmapData.draw: http://website1.com/Content/swf/oneStopImageVersion.swf cannot access http://website2.com/videos/originals/Grand_Opening.flv. A policy file is required, but the checkPolicyFile flag was not set when this media was loaded.
at flash.display::BitmapData/draw()
at mx.graphics::ImageSnapshot$/captureBitmapData()
at modules.videoHandler::videoHandler/captureVideo()
at modules.videoHandler::videoHandler/___videoHandler_LinkButton3_click()
i have the crossdomain file in the root directory of website2.com, and i have the folloing line of code in there
<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="website1.com"/>
<allow-access-from domain="*.website1.com"/>
<allow-http-request-headers-from domain="*.website1.com" headers="SOAPAction"/>
</cross-domain-policy>
any ideas on how to fix this problem???
my actionscript code is as follows
public function captureVideo():void{
var snapshot:BitmapData = ImageSnapshot.captureBitmapData(videoPlayer.videoDisplay);
initialThumbnail.source = new Bitmap(snapshot); //this is the image tag in my mxml
any help is greatly appretiated!!!!
thanks in advance!any one with ideas???
i've been doing some more research... and found a possible solution... where i could send the video thru a server proxy... but the only thing is doing that might slow down my process... i was wondering if there was any other solution to this problem?? -
How to resolve security sandbox violation (Error#2148) in Flex 3 on XP?
Hi,
When I tried to access an image on c:\ (on XP), I get the following error:
*** Security Sandbox Violation ***
Connection to file:///C:\DBFiles\3.jpg halted - not permitted from http://localhost/test-debug/test.swf
-- Remote SWFs may not access local files.SecurityError: Error #2148: SWF file http://localhost/ullmanphp-debug/ullmanphp.swf cannot access local resource file:///C:\DBFiles\INDSprintOrgChart.pptx\3.jpg. Only local-with-filesystem and trusted local SWF files may access local resources.
at flash.display::Loader/_load()
at flash.display::Loader/load()
It looks like some sort of mismatch on security settings. I have done the following so far (based on what I got by googling....)
1. Flex comipler setting additional compiler arguments: -use-network=false
2. I have added a crossdomain.xml on the source directory with these lines...
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="SOAPAction"/>
However, error is still appearing. How do I fix this for testing on my local machine. I cannot move to a webserver at this time.
Thanks!.How do I set Security.sandboxType related to flash player? When I try to see it in my application through debugger it says "remote". I think I need to set it to one of the following from the adobe manual pages...
Security.sandboxType has one of the following values:
remote (Security.REMOTE)—This file is from an Internet URL and operates under domain-based sandbox rules.
localWithFile (Security.LOCAL_WITH_FILE)—This file is a local file, has not been trusted by the user, and it is not a SWF file that was published with a networking designation. The file may read from local data sources but may not communicate with the Internet.
localWithNetwork (Security.LOCAL_WITH_NETWORK)—This SWF file is a local file, has not been trusted by the user, and was published with a networking designation. The SWF file can communicate with the Internet but cannot read from local data sources.
localTrusted (Security.LOCAL_TRUSTED)—This file is a local file and has been trusted by the user, using either the Flash Player Settings Manager or a FlashPlayerTrust configuration file. The file can read from local data sources and communicate with the Internet.
application (Security.APPLICATION)—This file is running in an AIR application, and it was installed with the package (AIR file) for that application. By default, files in the AIR application sandbox can cross-script any file from any domain (although files outside the AIR application sandbox may not be permitted to cross-script the AIR file). By default, files in the AIR application sandbox can load content and data from any domain.
Any input on how to set it would be greatly appreciated. Thanks! -
Can someone please help me see what's wrong with this picture? Why is this security error happening? Is there something I need to change with my crossdomain.xml file?
LoadURL loadError [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048: Security sandbox violation: http://www.mysite/mySWF.swf cannot load data from http://mysite.com/scripts/myScript.php."]
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<site-control permitted-cross-domain-policies="master-only" />
<cross-domain-policy>
<allow-access-from domain="mysite.com" />
<allow-access-from domain="www.mysite.com" />
<allow-access-from domain="*.mysite.com" />
</cross-domain-policy>nevermind, idk why I put the site control node outside of the cross-domain-policy root.
-
Security Sandbox violation, opening links in Flash player
Hi,
I have a swf content and its content served from a content management server say for eg, http://www9.abc.com into the html file which is served from http://qwww9.abc.com The links embedded in the flash were not working, when these links are clicked I get this error when tried with Flash debugger player.
*** Security Sandbox Violation ***SecurityDomain 'http://qwww9.abc.com/' tried to access incompatible context 'https://www9.abc.com/sample.swf'
I had set a crossdomain policy file in a custom location in the content management server for this issue, but with the Flash player 9,0,115,0 this stopped working due to default policy change to "master-only". I will not be able to have this policy file in the root folder of the content management server or have the policy set in the HTTP response header.
Is there anyother solution for this issue, for having the links work without setting the crossdomain policy file?
Thanks in advance...How do I set Security.sandboxType related to flash player? When I try to see it in my application through debugger it says "remote". I think I need to set it to one of the following from the adobe manual pages...
Security.sandboxType has one of the following values:
remote (Security.REMOTE)—This file is from an Internet URL and operates under domain-based sandbox rules.
localWithFile (Security.LOCAL_WITH_FILE)—This file is a local file, has not been trusted by the user, and it is not a SWF file that was published with a networking designation. The file may read from local data sources but may not communicate with the Internet.
localWithNetwork (Security.LOCAL_WITH_NETWORK)—This SWF file is a local file, has not been trusted by the user, and was published with a networking designation. The SWF file can communicate with the Internet but cannot read from local data sources.
localTrusted (Security.LOCAL_TRUSTED)—This file is a local file and has been trusted by the user, using either the Flash Player Settings Manager or a FlashPlayerTrust configuration file. The file can read from local data sources and communicate with the Internet.
application (Security.APPLICATION)—This file is running in an AIR application, and it was installed with the package (AIR file) for that application. By default, files in the AIR application sandbox can cross-script any file from any domain (although files outside the AIR application sandbox may not be permitted to cross-script the AIR file). By default, files in the AIR application sandbox can load content and data from any domain.
Any input on how to set it would be greatly appreciated. Thanks! -
Need some help with security sandbox stuff asap please
hey guys... so im trying to do a swfLoader call to a swf on a server from my actionscript on my local machine, when i do that i get the security sandbox violation error.... i tried adding a crossdomain.xml file to the server that has the following code in it
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="SOAPAction"/>
</cross-domain-policy>
and in my actionscript on application initialize i do
initialize="init(); Security.loadPolicyFile('http://myServer.com/crossdomain.xml')"
i also do
Security.allowDomain("http://myServer.com");
any ideas???? oh and i also went to this website http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04a.ht ml and set the always allow trust locations to "/"
any ideas on how i could possible fix this problem?? ive been trying to get around this problem for the last 2 days!!
please help!!!!Hi,
Please use policy file logging to check the exact error. This should shed some light on the problem.The procedure is detailed here.
http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_05.html
Nishad -
Not able to get rid of security-related questions in runtime
Hi,
I am simply using NetBeans 6.0.1 and the emulator QwertyDevice and the emulator platform WTK 2.5.2 for CLDC.
I have chosen Alias as trusted in the signing option in the project configuration page. however still I am getting security confirmation questions in runtime to access the local files for instance.
Would anyone please advise me how to get rid of that?
Also I have deployed the application on SonyEricsson k800i and would like to get rid of the security confirmations on that device as well. What is the guideline?
Thank youRight clicking on it is not even an option, just hovering over it seems to induce a "nuclear" reset of the whole desktop and graphic card on the iMac.
Have meanwhile found a possible solution by erasing the dock preference file in the user/library/preferences folder to reset the dock to it's default state. Will try this out through a Skype conversation with that Buddy.
Was seen here :
https://discussions.apple.com/message/16447109#16447109
Thank you for stepping in. Good to know that people are still willing to help in this community.
Greetz to the UK from France -
Error #2048: Security sandbox violation
I've been developing Flex apps for a couple of years now and feel comfortable with my development environment.
I'm testing out Gumbo in my same environment (new workspace): WAMP based
My test app works fine on my localhost set up... but when I upload the files to my hosted domain server... I get Error #2048: Security sandbox violation.
Specifically:
- I'm invoking an HTTPService by setting the url to a relative path (folder/file in same dir as the swf)
- I set method to POST and useProxy to false
(<fx:Declarations>
<s:HTTPService id="contentService" url="data/verd_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
</fx:Declarations>)
- I wrapped the send call in a try / catch block and show an Alert with the error message in the catch... here's what it says
body = (null)
clientId = "DirectHTTPChannel0"
correlationId = "F4B9A542-8B00-5CDB-3C36-1316919FC255"
destination = ""
extendedData = (null)
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
headers = (Object)#1
DSStatusCode = 0
messageId = "E629F555-EF8B-E535-7CE4-13169662A82A"
rootCause = (flash.events::SecurityErrorEvent)#2
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#3
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#3
text = "Error #2048: Security sandbox violation: http://****.com/Main.swf cannot load data from http://localhost:***/data/verd_content.xml?hostport=***t.com&https=N&id=F4B9A542-8B00-5CDB -3C36-1316919FC255."
type = "securityError"
timestamp = 0
timeToLive = 0
*NOTE: I obfuscated parts of the url for security reasons
I read the other similar posts here about problems like this when using the PHP / Zend set up... but I checked the .actionScriptProperties file and it does not have any URLs in there (like localhost:port#)
I'm not using a service-config.xml file in this project... but I have set up WebORB for PHP servers and use that all the time... so I know how that works...
Is this a bug or am I missing something new in the Gumbo ?
Again: my swf file is in a folder in the webroot on my ISP
also inside that folder is another folder with an XML file in it
I'm setting an HTTPService call using the url parameter on a POST with a relative file path (folder/filename.xml)
changing the url to an absolute makes no difference...
thanks in advance for any helpSure...
here's the code that contains both the HTTPService setup and the URLLoader setup... like i said in the original post.. the HTTPService call throws the error described, whereas the URLLoader call does not:
private var loader : URLLoader = new URLLoader();
private var req : URLRequest = new URLRequest("data/***dant_content.xml");//path obfuscated
protected function Application_creationComplete():void
// This works...
loader.addEventListener( Event.COMPLETE, parseContent );
loader.addEventListener( IOErrorEvent.IO_ERROR, contentFault );
// This does not...
/* contentService.addEventListener( ResultEvent.RESULT, parseContent );
contentService.addEventListener(FaultEvent.FAULT, contentFault ); */
try
loader.load( req );
catch (err:Error)
Alert.show("In Try Catch Error Block: " + err.message);
currentState='home';
the HTTPService was set up like this: (again, i obfuscate the URLs for security)
<fx:Declarations>
<s:HTTPService id="contentService" url="data/***dant_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
</fx:Declarations>
the parseContent function setup in the event listener justs reads the XML file and uses that data to build an image gallery.
hope this helps (for what its worth: I'm not doing anything serious with Gumbo as of yet due to these kinds of bugs) -
Flex 4 + AIR 2 + mx:Image = Security Sandbox Violation!
Hi there!
I've been using Flex 4 and AIR 2 for some time now and there's a bug (or is it really one) that I always get and can't understand...
Whenever I use a <mx:Image> to load an image (JPG) on a remote server that has a valid crossdomain.xml I get some annoying warnings. Of course, these only are warnings and everything runs fine (except that) but it's a pain to debug an app that has lots of logs like that:
*** Security Sandbox Violation ***
SecurityDomain 'http://static-p3.fotolia.com/jpg/00/07/56/92/110_F_7569245_9hdeWKxUxFRNYuowdSDBNv0YFN9xTJ9 S.jpg' tried to access incompatible context 'app:/Main.swf'
I've googled it and found lots of others folks/threads about this, but none of them provide a valid solution... Seems like it's specific to AIR because some answers/solutions I found work in a basic SWF, but fail in an AIR app.
Is that a bug in Flex?
Am I wrong about the crossdomain.xml?
How could a JPG raise a Security Sandbox Violation?
Tips or tricks, anyone?AIR has different security rules because it doesn't really have a "domain"
to compare against crossdomain.xml. The warnings are annoying and
misleading and usually indicate that some code is trying to access the
bitmap inside a try/catch block. Usually you can ignore any warning that
doesn't stop execution. -
*** Security Sandbox Violation *** problem
Dear All,
I having the Security problem
My Scinarion
I have an Exe (With SWISH Studio) / Swf file which is on Local Machine calles a swf file which on Server and that Swf file call a XML file which is on a Same Server
While Compiling the SWF file gives the following error message of
*** Security Sandbox Violation ***
SecurityDomain 'http://www.mydomain.com/folder/swfname.swf?mathrand=Wed Apr 8 19:39:27 GMT+0530 2009' tried to access incompatible context 'file:///D|/folder/swfname.swf'
I have already tried for
System.security.allowDomain("*"); and crossdomain.xml
But it dosen't worked for me
I will appriciate if any one can give me a ray of hope to solve this problem
Please give me some solution
Regards
RajDear Kglad,
Thanks for your instant reply as I have already mention I have tried with crossdomain.xml
If you want to check the crossdomain and the fla files then I will mail u the details please provide me the email address
Once again thanks
Regards
Raj
Maybe you are looking for
-
G3 won't boot 8.6 or 9 Install CD's
I have a B&W G3 that currently has 10.2 on it. I'm trying to install the original system on it (8.6), but it hangs or freezes when it reaches the "Happy Mac" on startup. I've also tried booting from an OS 9 CD (Universal installer), and it does the s
-
The picture in Messages is not the same as my iCloud/Contacts Me Card
Messages has pictures of yourself on one side and who you are chatting with on the other. I changed my account picture on my Mac and used the same one for Contacts. I went to iCloud.com and changed it there also. Messages on the Mac still shows the o
-
Can't print PDF file. Printer just sends out blank paper. Printer will print other non-PDF files.
Printer company said it was an adobe problem
-
the "Option-key + arrow" method of accessing iTunes library categories instead of Music Store does not seem to work in iT5 might there be a new key method for this? Thanks in advance
-
Black screen function messing transitions
SYSTEM PROFILE INFO: running Tiger 10.4.4 and Keynote 2 on a 600Mhz dual USB iBook PROBLEM: (Began having problems using Keyspan Presentation Remote after upgrading to KN2 and 10.4.4); when using the "black screen" keystroke feature in KN2 (I.e. comm