SecurityError Security sandbox

Similar Messages

• BitmapData.draw() SecurityError: Security sandbox violation

  i am loading and playing a local video file with appendBytes() and when i call a bitmapData.draw() function
  below exception comes up.
  SecurityError: Error #2123: Security sandbox violation: BitmapData.draw
  cannot access null. No policy files granted access.
  what should i do???....

  Sir i already mention in my last message i test it with both relative and absolute.
  Yes i khow relative paths works fine when i do some thing like this
  <mx:VideoDisplay x="0" y="0" width="516" height="379" source="../user_data/uploads/cd73502828457d15655bbd7a63fb0bc8/v/1345023450-Action_.flv"/>
  bitmap.draw works fine in above case but my scenario is different i am loading a complete video as bytearray before playing and play video from that bytes
  private function fileLoaderComplete(event:Event):void
       //Pass the loaded bytes to player
         player.AddVideo(urlLoader.data);
  //This is Add video Function in Player.mxml
  public function AddVideo(VideobyteArray:ByteArray):void
                  if(ns == null)
                      var nc:NetConnection = new NetConnection();
                      nc.connect(null);
                      ns = new NetStream(nc);
                     // ns.checkPolicyFile = true;
                      ns.soundTransform = new SoundTransform(0.0);
                      ns.client = this;
                      ns.addEventListener(NetStatusEvent.NET_STATUS, nsStatus);
                  videoData = VideobyteArray;
                  GetTags(videoData);
                  ns.play(null);
                  ns.appendBytesAction(NetStreamAppendBytesAction.RESET_BEGIN);
                  ns.appendBytes(VideobyteArray);
                  video.attachNetStream(ns);
                  playBar.TogglePlay(true);
  i think its a bug in flash sdk 4.6 (Flash Player 11)
  bitmap.draw function somehow conflicts with the appendBytesAction or appendBytes
  this question is posted  on ActionScript 3.0 forum before
  http://forums.adobe.com/message/4650890#4650890
  http://flash.bigresource.com/flash-use-BitmapData-draw-with-NetStream-appendBytes--iTNz6LV JM.html
  http://stackoverflow.com/questions/5607047/how-can-i-use-bitmapdata-draw-with-netstream-ap pendbytes

• SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: cannot access

  When we try to print the Google Map API for Flash component, it is throwing the Security Sandbox Violation
        SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://ps6143:8080/aa/XYZ/Main.swf/[[DYNAMIC]]/1 cannot access  http://mt1.google.com/vt/lyrs=m@171000000&hl=en&src=api&x=1&y=1&z=1&s=Gali&flc=x3t. No policy files granted access.
  at flash.display::BitmapData/draw()
  To avoid this error we tried to use the alternate API provided by library. But that also causing cross domain issue as it loading some 3d library internally which is not able to access our application.
  SecurityError: Error #2121: Security sandbox violation: BitmapData.draw: http://maps.googleapis.com/mapfiles/lib/map_1_20_10_3d.swf cannot access http://ps6143.persistent.co.in:8080/dv/SiteOptimizer/SiteOptimizer.swf/%5b%5bDYNAMIC%5d%5d /1http://ps6143:8080/aa/XYZ/Main.swf/[[DYNAMIC]]/1. This may be worked around by calling Security.allowDomain.
  at flash.display::BitmapData/draw()
  Please help us in resolving this issue.
  Thanks & Regrds,
  Ravi Darji

  There is no redirect... Charles is a web proxy so it will look completely legitimate to the browser.
  According to the help, it's getting the access request from the SWF itself and not the crossdomain.xml file:
  In the case of a source object other than a loaded bitmap, the source object and (in the case of a Sprite or MovieClip object) all of its child objects must come from the same domain as the object calling the draw() method, or they must be in a SWF file that is accessible to the caller by having called the Security.allowDomain()method.
  http://help.adobe.com/en_US/ActionScript/3.0_ProgrammingAS3/WS5b3ccc516d4fbf351e63e3d118a9 b90204-7d1b.html#WS5b3ccc516d4fbf351e63e3d118a9b90204-7c4a
  So the default state accessing a SWF on a different domain is protected, unless that SWF allows some or all domains to access it via the Security.allowDomain() method.

• This bug has been around for over a year: SecurityError: Error #2123: Security sandbox violation

  Hi,
  The bug of 'SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: file:///xxx/xxx.swf cannot access rtmfp://fms4.acrobat.com/cocomo/na2-sdk-xxx/xxx. No policy files granted access.' was first reported in lccs forum over a year ago:
  http://forums.adobe.com/message/2803074
  But the bug is still around. The bug can be generated by calling BitmapData.draw() on a flash.media.Video object which is attached to a p2p stream. It looks like the solution is to have the publisher to call:
  send("|RtmpSampleAccess", true, true)
  on the NetStream object _before_ the subscriber calls NetStream.play(), in order to give the permission to subscribers for audio and video streams.
  In lccs library, the above permission authorisation happens in WebcamPublisher:
  protected function onNetStatus(p_evt:NetStatusEvent):void
  if (p_evt.info.code=="NetStream.Connect.Success") {
  setTimeout(sendSnapShotPermission, 500);
  _stream.send("|RtmpSampleAccess", true, true);
  protected function sendSnapShotPermission():void
  _stream.send("|RtmpSampleAccess", true, true);
  but it doesn't help the problem. In fact, it is not clear to me when this 'snap shot permission' is sent to the subscriber.
  One more note: This is not a critisism for the lccs development quality, but rather a question on how ready lccs is for production use. After encountering this bug, I had to go through the lccs code (the open source parts), and found out that the library is not really written, well, carefully, and it is full of temporary quick-n-dirty fixes.
  For instance in the above example, sendSnapShotPermission() is called after 500 milliseconds, probably to allow something to happen before calling the method, but how can you be sure that it will happen in 500 milliseconds? Probably,an event listener should have been used. Immediately in the next line, we see:
  _stream.send("|RtmpSampleAccess", true, true);
  which is a duplicate of sendSnapShotPermission(). many examples like this can be found throughout the library.
  Aureliano

  Hi Nigel,
  Two questions:
  1. When the publisher sends the access permission to the subcriber by:
  netStream.send("|RtmpSampleAccess", true, true)
  , on the subscriber side, what event or function can handle the guaranteed receipt of the access permission? Currently it is possible to draw the incoming stream video upon receiving NetStream.Play.Star and waiting for 5 seconds or so:
  public class MyWebcamSubscriber extends WebcamSubscriber {
  override protected function layoutCameraStreams():void
  // trying the event listener seems to work here.
  _streamManager.addEventListener(NetStatusEvent.NET_STATUS, onNetStatus);
  override protected function onNetStatus(e:NetStatusEvent):void
  super.onNetStatus(e);
  case "NetStream.Play.Start":
  setTimeout(function():void {
  // draw the video from the incoming stream here.
  }, 5000);
  The questions is, which event can let the subscriber know that it has the access permission to the video stream?
  2. In WebcamPublisher, why is that the access permission is sent 3 times?
  a. Once on receiving NetStream.Connect.Success with 0.5 second delay, as in below.
  b. Once immediately upon receiving NetStream.Connect.Success, as in below.
  protected function onNetStatus(p_evt:NetStatusEvent):void
  if (p_evt.info.code=="NetStream.Connect.Success") {
  setTimeout(sendSnapShotPermission, 500);
  _stream.send("|RtmpSampleAccess", true, true);
  protected function sendSnapShotPermission():void
  _stream.send("|RtmpSampleAccess", true, true);
  c. Once in onConnectionTypeChange() with 2 seconds delay:
  protected function onConnectionTypeChange(p_evt:StreamEvent):void
  if ( _streamManager.isP2P) {
  _stream= new NetStream(_connectSession.sessionInternals.session_internal::connection as NetConnection,NetStream.DIRECT_CONNECTIONS);
  setTimeout(sendSnapShotPermission, 2000);

• I get a security sandbox error #2122 when i try to use ImageSnapshot on video player

  hey guys... so all my application does is... it has a video player... and when i initiate the component it loads the flv from a different server, and plays the video... now while its playing the video i have a button called capture, and whe you hit that button the user is able to take snapshots of the current frame.
  this seems to work perfectly locally, but as soon as i uploaded it to the server i get problems...
  the error states:
  SecurityError: Error #2122: Security sandbox violation: BitmapData.draw: http://website1.com/Content/swf/oneStopImageVersion.swf cannot access http://website2.com/videos/originals/Grand_Opening.flv. A policy file is required, but the checkPolicyFile flag was not set when this media was loaded.
       at flash.display::BitmapData/draw()
       at mx.graphics::ImageSnapshot$/captureBitmapData()
       at modules.videoHandler::videoHandler/captureVideo()
       at modules.videoHandler::videoHandler/___videoHandler_LinkButton3_click()
  i have the crossdomain file in the root directory of website2.com, and i have the folloing line of code in there
  <?xml version="1.0"?>
  <cross-domain-policy>
       <site-control permitted-cross-domain-policies="all" />
       <allow-access-from domain="website1.com"/>
       <allow-access-from domain="*.website1.com"/>
           <allow-http-request-headers-from domain="*.website1.com" headers="SOAPAction"/>
  </cross-domain-policy>
  any ideas on how to fix this problem???
  my actionscript code is as follows
  public function captureVideo():void{
       var snapshot:BitmapData = ImageSnapshot.captureBitmapData(videoPlayer.videoDisplay);
       initialThumbnail.source = new Bitmap(snapshot); //this is the image tag in my mxml
  any help is greatly appretiated!!!!
  thanks in advance!

  any one with ideas???
  i've been doing some more research... and found a possible solution... where i could send the video thru a server proxy... but the only thing is doing that might slow down my process... i was wondering if there was any other solution to this problem??

• How to resolve security sandbox violation (Error#2148) in Flex 3 on XP?

  Hi,
  When I tried to access an image on c:\ (on XP), I get the following error:
  *** Security Sandbox Violation ***
  Connection to file:///C:\DBFiles\3.jpg halted - not permitted from http://localhost/test-debug/test.swf
  -- Remote SWFs may not access local files.SecurityError: Error #2148: SWF file http://localhost/ullmanphp-debug/ullmanphp.swf cannot access local resource file:///C:\DBFiles\INDSprintOrgChart.pptx\3.jpg. Only local-with-filesystem and trusted local SWF files may access local resources.
  at flash.display::Loader/_load()
  at flash.display::Loader/load()
  It looks like some sort of mismatch on security settings. I have done the following so far (based on what I got by googling....)
  1. Flex comipler setting additional compiler arguments:  -use-network=false
  2. I have added a crossdomain.xml on the source directory with these lines...
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*"/>
  <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
  However, error is still appearing. How do I fix this for testing on my local machine. I cannot move to a webserver at this time.
  Thanks!.

  How do I set Security.sandboxType related to flash player? When I try to see it in my application through debugger it says "remote". I think I need to set it to one of the following from the adobe manual pages...
  Security.sandboxType has one of the following values:
  remote (Security.REMOTE)—This file is from an Internet URL and operates under domain-based sandbox rules.
  localWithFile (Security.LOCAL_WITH_FILE)—This file is a local file, has not been trusted by the user, and it is not a SWF file that was published with a networking designation. The file may read from local data sources but may not communicate with the Internet.
  localWithNetwork (Security.LOCAL_WITH_NETWORK)—This SWF file is a local file, has not been trusted by the user, and was published with a networking designation. The SWF file can communicate with the Internet but cannot read from local data sources.
  localTrusted (Security.LOCAL_TRUSTED)—This file is a local file and has been trusted by the user, using either the Flash Player Settings Manager or a FlashPlayerTrust configuration file. The file can read from local data sources and communicate with the Internet.
  application (Security.APPLICATION)—This file is running in an AIR application, and it was installed with the package (AIR file) for that application. By default, files in the AIR application sandbox can cross-script any file from any domain (although files outside the AIR application sandbox may not be permitted to cross-script the AIR file). By default, files in the AIR application sandbox can load content and data from any domain.
  Any input on how to set it would be greatly appreciated. Thanks!

• Security sandbox violation

  Can someone please help me see what's wrong with this picture?  Why is this security error happening?  Is there something I need to change with my crossdomain.xml file?
  LoadURL loadError [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048: Security sandbox violation: http://www.mysite/mySWF.swf cannot load data from http://mysite.com/scripts/myScript.php."]
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <site-control permitted-cross-domain-policies="master-only" />
  <cross-domain-policy>
  <allow-access-from domain="mysite.com" />
  <allow-access-from domain="www.mysite.com" />
  <allow-access-from domain="*.mysite.com" />
  </cross-domain-policy>

  nevermind, idk why I put the site control node outside of the cross-domain-policy root.

• Error #2048: Security sandbox violation

  I've been developing Flex apps for a couple of years now and feel comfortable with my development environment.
  I'm testing out Gumbo in my same environment (new workspace): WAMP based
  My test app works fine on my localhost set up... but when I upload the files to my hosted domain server... I get Error #2048: Security sandbox violation.
  Specifically:
  - I'm invoking an HTTPService by setting the url to a relative path (folder/file in same dir as the swf)
  - I set method to POST and useProxy to false
  (<fx:Declarations>
          <s:HTTPService id="contentService" url="data/verd_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
      </fx:Declarations>)
  - I wrapped the send call in a try / catch block and show an Alert with the error message in the catch... here's what it says
  body = (null)
    clientId = "DirectHTTPChannel0"
    correlationId = "F4B9A542-8B00-5CDB-3C36-1316919FC255"
    destination = ""
    extendedData = (null)
    faultCode = "Channel.Security.Error"
    faultDetail = "Destination: DefaultHTTP"
    faultString = "Security error accessing url"
    headers = (Object)#1
      DSStatusCode = 0
    messageId = "E629F555-EF8B-E535-7CE4-13169662A82A"
    rootCause = (flash.events::SecurityErrorEvent)#2
      bubbles = false
      cancelable = false
      currentTarget = (flash.net::URLLoader)#3
        bytesLoaded = 0
        bytesTotal = 0
        data = (null)
        dataFormat = "text"
      eventPhase = 2
      target = (flash.net::URLLoader)#3
      text = "Error #2048: Security sandbox violation: http://****.com/Main.swf cannot load data from http://localhost:***/data/verd_content.xml?hostport=***t.com&https=N&id=F4B9A542-8B00-5CDB -3C36-1316919FC255."
      type = "securityError"
    timestamp = 0
    timeToLive = 0
  *NOTE: I obfuscated parts of the url for security reasons
  I read the other similar posts here about problems like this when using the PHP / Zend set up... but I checked the .actionScriptProperties file and it does not have any URLs in there (like localhost:port#)
  I'm not using a service-config.xml file in this project... but I have set up WebORB for PHP servers and use that all the time... so I know how that works...
  Is this a bug or am I missing something new in the Gumbo ?
  Again: my swf file is in a folder in the webroot on my ISP
  also inside that folder is another folder with an XML file in it
  I'm setting an HTTPService call using the url parameter on a POST with a relative file path (folder/filename.xml)
  changing the url to an absolute makes no difference...
  thanks in advance for any help

  Sure...
  here's the code that contains both the HTTPService setup and the URLLoader setup... like i said in the original post.. the HTTPService call throws the error described, whereas the URLLoader call does not:
  private var loader : URLLoader = new URLLoader();
  private var req : URLRequest = new URLRequest("data/***dant_content.xml");//path obfuscated
  protected function Application_creationComplete():void
      // This works...
      loader.addEventListener( Event.COMPLETE, parseContent );
      loader.addEventListener( IOErrorEvent.IO_ERROR, contentFault );
      // This does not...
      /* contentService.addEventListener( ResultEvent.RESULT, parseContent );
          contentService.addEventListener(FaultEvent.FAULT, contentFault ); */
      try
          loader.load( req );
      catch (err:Error)
          Alert.show("In Try Catch Error Block: " + err.message);
          currentState='home';
  the HTTPService was set up like this: (again, i obfuscate the URLs for security)
      <fx:Declarations>
          <s:HTTPService id="contentService" url="data/***dant_content.xml" method="POST" useProxy="false" resultFormat="e4x" />
      </fx:Declarations>
  the parseContent function setup in the event listener justs reads the XML file and uses that data to build an image gallery.
  hope this helps (for what its worth: I'm not doing anything serious with Gumbo as of yet due to these kinds of bugs)

• BitmapData.draw Security Sandbox and LocalTrusted not working?

  Hello there, wondering if anyone else is having the same
  problem -- I have a LocalTrusted security sandboxType -- and when i
  try to access a BitmapData.draw method on a progressive flv, i get
  the error message:
  SecurityError: Error #2135: Security sandbox violation:
  BitmapData.draw: file://file.swf may not access null. RTMP content
  cannot be accessed using this API.
  I've rechecked my sandbox type a zillion times, as well as
  tried putting allow="*" in the crossdomain policy file ....
  is this an error in my security settings -- or is
  bitmapdata.draw on video objects now "gone"?

  Could you try this - Open and swf, rightClick - Goto
  settings, then click Advanced. On the webPage click on "Global
  Security settings panel".
  If you don't find your local directory in there, add it and
  see if things work?
  If not, it would be good if you could post the chunk of code
  which is creating problems.

• Security sandbox violation: BitmapData.draw

  Hello,
  I got this error:
  SecurityError: Error #2122: Security sandbox violation: BitmapData.draw: A policy file is required, but the checkPolicyFile flag was not set when this media was loaded. 
  when I try to draw a frame of a movie that is downloading from another server. Crossdomain.xml is set. Another Jpgs are correctly drawn but only a movie causes an error.
  I need to checkPolicyFile but where should I do this? I have no direct access  to Loader to set up LoaderContext(true) ...
  Thanks,
  Michal

  I too would love to know how we can pass in our own LoaderContext to set the security domain. I'm receiving the same error after snapshotting a loaded SWFElement bug/watermark.
  e.g.
  var bug:MediaElement = new SWFElement(new URLResource(url));
  var bugTrait:LoadTrait = bug.getTrait(MediaTraitType.LOAD) as LoadTrait;
  bugTrait.load();

• Security Sandbox Error

  I keep getting this sandbox violation when I try and stream
  this video using NetStream and NetConnect. I'm getting the path
  from an XML file. If i just pop the path into an FLVPlayback
  component, it works just fine. Any Ideas?
  Edited to hide IP.

  I'm running into the same issue:
  HTTPStatus: 200
  *** Security Sandbox Violation ***
  Connection to "
  http://www.myurl.com/videos/Eagle.flv"
  halted - not permitted from
  file:///X|/Projects/Current/Video/Vrs4%2D2/Videos.swf
  SecurityError: Error #2147: Forbidden protocol in URL "
  http://www.myurl.com/videos/Eagle.flv"
  at flash.net::URLStream/load()
  at flash.net::URLLoader/load()
  at fl.video::SMILManager/
  http://www.adobe.com/2007/flash/flvplayback/internal::connectXML()
  at fl.video::NCManager/connectToURL()
  at fl.video::VideoPlayer/
  http://www.adobe.com/2007/flash/flvplayback/internal::_load()
  at fl.video::VideoPlayer/load()
  at fl.video::FLVPlayback/::doContentPathConnect()
  at fl.video::FLVPlayback/set source()
  at Videos_fla::MainTimeline/onDataLoad()
  at
  flash.events::EventDispatcher/flash.events:EventDispatcher::dispatchEventFunction()
  at flash.events::EventDispatcher/dispatchEvent()
  at flash.net::URLLoader/flash.net:URLLoader::onComplete()
  My action script looks like:
  import fl.video.*;
  var flvPlayer:FLVPlayback = new FLVPlayback();
  addChild(flvPlayer);
  //The next line assumes you have copied the skin file to the
  local directory
  flvPlayer.skin = "
  http://www.myurl.com/includes/SkinUnderPlayStopSeekMuteVol.swf"
  //Create the URLLOader instance
  var myLoader:URLLoader = new URLLoader()
  //the data will come as URL-encoded variables
  myLoader.dataFormat = URLLoaderDataFormat.VARIABLES
  //Load using an URLRequest, even beeing local
  myLoader.load(new URLRequest("
  http://www.myurl.com/videos/video-working.asp"))
  //onLoad handler listener
  myLoader.addEventListener(Event.COMPLETE, onDataLoad)
  //Error handling
  myLoader.addEventListener(IOErrorEvent.IO_ERROR, onIOError)
  myLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR,
  onSecurityError)
  //Could be an error or just a message
  myLoader.addEventListener(HTTPStatusEvent.HTTP_STATUS,
  onHTTPStatus)
  //add a listener for the complete event
  function onDataLoad(evt:Event){
  Comments_txt.text = evt.target.data.Comments
  Commented_txt.text = evt.target.data.Comments
  flvPlayer.source = evt.target.data.Comments;
  //error callbacks
  function onIOError(evt:IOErrorEvent){
  trace("IOError: "+evt.text)
  function onHTTPStatus(evt:HTTPStatusEvent){
  trace("HTTPStatus: "+evt.status)
  function onSecurityError(evt:SecurityErrorEvent){
  trace("SecurityError: "+evt.text)
  My text boxes are there to confirm that the variable is
  loading which it does. Which they do. When I put the URL directly
  into the actionscript is runs but once it's loaded I get the
  Sandbox Security Error.
  Is this Adobe's way of making you purchase the Media Server
  to make it work? Before I was happy with the Merger but now it's
  seemingly like they make it so you have to buy more products to do
  the same stuff. Any help appreciated...

• AIR, Fonts, CS4 and the security sandbox

  I have no idea why embedding fonts in CS4 using library->new font includes every european character EXCEPT polish. You have german, french, spanish, norwegian, but not polish. Well, since embedding a font from Flash is the only way to use bitmap fonts in Flex, I had to create a library of external font files, one SWF per font size and style. Such an SWF exposes several functions, such as returning a ready to use pre-formatted textfield, returning the font name (Such as Tahoma) and the font name you actually need to use (such as Tahoma_13pt_st).
  I thought I'd need an AIR application to parse through all the fonts (and there are quite a few) extract the neccesary data, such as font size, name and so on and generate an XML file, so that I can load fonts at dynamic.
  The first problem I encountered was the security sandbox. A possible solution was to use the loaderInfo.childSandboxBridge. That approach didn't work however, as I was generating plain SWF files from flash CS4. childSandboxBridge is an AIR property, so I had to create an AIR file and try to set the bridge property to a simple number. So I did, but it gave me a
  SecurityError: Error #3206: Caller app:/TahomaBold13.swf cannot set LoaderInfo property childSandboxBridge.
  Weird. Well, I reverted the file to plain CS4 FPL10 SWF and decided to try another approach. I first loaded the SWF as a FileStream, then put the bytes into Loader.loadBytes. That should take care of security. And it did, however it created another problem.
  The font library relies on being able to enumerate the embeded fonts. The SWF's constructor has a function that enumerates all fonts and isolates the font embeded in the SWF, and then extracts it's properties. When launching the SWF by itself, or loading it from another CS4 FPL10 SWF it launches perfectly and enumerates the fonts as it should. However when the SWF is executed from inside AIR, the constructor located in the font file, as well as a function called from the main application upon executing enumerateFonts(false) both give an empty array. Which is quite weird really, as the loaded SWF contains an input TextField with embedded fonts. And I can edit and type stuff in that textfield, even while it's rotated.
  I thought this might be an issue of a different flash player version, but I tried to target AIR 1.5 and flash 9, neither worked and both returned no embeded fonts.
  Here's the entire source of the mxml air app
  <?xml version="1.0" encoding="utf-8"?>
  <mx:WindowedApplication xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute">
       <mx:Panel x="0" y="0" width="100%" height="100%" layout="absolute" title="M2C Studio Font Parser Utility">
            <mx:VBox x="0" y="0" width="100%" height="100%" paddingRight="10" paddingLeft="10" paddingTop="10" paddingBottom="0">     
                 <mx:HBox x="10" y="10" width="100%" height="95%">
                      <mx:VBox width="50%" height="100%">
                           <mx:Label text="Select font directory from filelist below"/>
                           <mx:FileSystemTree width="100%" height="50%" id="fileTree"/>
                           <mx:HRule width="100%"/>
                           <mx:Label text="Fonts list"/>
                           <mx:Text width="100%" height="50%" id="fontlist"/>
                      </mx:VBox>
                      <mx:VRule height="100%"/>
                      <mx:VBox width="50%" height="100%">
                           <mx:Label text="XML Output"/>
                           <mx:TextArea width="100%" height="50%" backgroundColor="#ECE9E9"/>
                           <mx:Canvas width="100%" height="50%" id="canv">
                           </mx:Canvas>
                      </mx:VBox>
                 </mx:HBox>
                 <mx:Button label="Generate XML from directory" width="100%" click="handlePress();"/>
            </mx:VBox>
       </mx:Panel>
       <mx:Script>
      <![CDATA[
           import flash.utils.setInterval;
           import com.m2cstudio.archont.utility.fonts.FontLibraryItem;
           import com.m2cstudio.archont.utility.fonts.IFontLibraryItem;
           import mx.accessibility.AlertAccImpl;
               import mx.controls.*;
              import mx.events.*;
              import mx.controls.Alert;
              var rx:RegExp = /^.*\.swf$/;
              function handlePress():void
                   // This also throws an error
                   //Security.allowDomain("*");
                   var file:File = fileTree.selectedItem as File;
                   var aLoad:Array = new Array();                 
                   if(!file)
                        Alert.show("You must select a folder", "Error");
                        return;
                   } else if(!file.isDirectory) {
                        Alert.show("You must select a folder, not a file", "Error");
                        return;
                   var aList:Array = file.getDirectoryListing();
                   for each (var fil:File in aList)
                        if(!fil.isDirectory)
                             if(fil.nativePath.match(rx))
                                  // Is swf
                                  var fs:FileStream = new FileStream();
                                  fs.addEventListener(Event.COMPLETE, handleFileStreamLoaded);
                                  fs.openAsync(fil, FileMode.READ);                       
              function handleFileStreamLoaded(e:Event):void
                   var fs:FileStream = e.target as FileStream;
                   var ld:Loader = new Loader();
                   var lc:LoaderContext = new LoaderContext();
                   var ba:ByteArray = new ByteArray();
                   lc.allowLoadBytesCodeExecution = true;
                   fs.readBytes(ba);
                   fs.close();
                   ld.contentLoaderInfo.addEventListener(Event.COMPLETE, handleLoaded);
                   ld.loadBytes(ba, lc);        
              function handleLoaded(e:Event):void
                      var cnt:FontLibraryItem = e.target.content as FontLibraryItem;
                      cnt.rotation=10; // Rotation, just to be sure it's not using system fonts
                      canv.rawChildren.addChild(cnt);
                      // This doesn't output anything - neither the main app nor the loaded SWF 'see' any embedded fonts, even though the later uses them!
                      for each (var f:Font in Font.enumerateFonts(false))
                           Alert.show(f.fontName, f.fontType);     
                      // This should retrieve the appropriate values but throws an error because the SWF can't grab the Font definition
                      //Alert.show(cnt.getFontName(), cnt.getFontStyle());               
      ]]>
      </mx:Script>
  </mx:WindowedApplication>
  Here's a screen of what it actually looks like when compiled:
  Here's the source of the font library item. Note that the SWF contains only 2 items. A TextField named font with embeded characters and a boolean bt on the first frame.
  package com.m2cstudio.archont.utility.fonts
       import flash.display.MovieClip;
       import flash.text.*;
       public dynamic class FontLibraryItem extends MovieClip implements IFontLibraryItem
            private var txtFont:TextField;
            private var fFont:Font;
            public function FontLibraryItem()
                 super();
                           // Causes an error - see below why
                 //init();
            public function getFontName():String
                 return fFont.fontName;
            public function getFontType():String
                 return fFont.fontType;
            public function getFontStyle():String
                 return fFont.fontStyle;
            public function getBitmapText():Boolean
                 return this.bt;
            public function getBitmapTextSize():uint
                 if(this.bt) {
                      return Number(txtFont.defaultTextFormat.size);
                 } else {
                      return 0;
            public function hasGlyphs(glyphs:String):Boolean
                 return fFont.hasGlyphs(glyphs);
            public function createTextField():TextField
                 var tf:TextField = new TextField();
                 tf.embedFonts = true;
                 tf.defaultTextFormat = (this.font as TextField).defaultTextFormat;
                 return tf;
            public function init():void
                 if(this.font) {
                      txtFont = this.font;
                 } else {
                      throw new Error("Document must contain a textfield named 'font' with the embedded font");
                 var fArr:Array = Font.enumerateFonts(false);
                 if(fArr.length==0) {
                      throw new Error("Document does not contain any embeded fonts.");
                 } else if (fArr.length>1) {
                      throw new Error("Document must contain not more than one embedded font");
                 fFont = fArr[0];
  I'm hoping some AIR specialists will take a look at this. Frankly I'm stumped. Font support in Flash was always black magic, more or less, so I can only hope this is an issue that can be solved.
  Just tell me and I'll provide more source or sceenshots.
  Cheers,
  -archont

  I even tried porting the code to Gumbo and running it there - still, no fonts are being enumerated.
  If you're too lazy to read the whole above post, here's the problem in one sentence
  An SWF that contains a textfield with embedded fonts, when launched by itself succeeds to return the embedded font using Font.enumerateFonts(false), however when loaded using Loader.loadBytes into AIR, it fails to see those fonts even though the textfield in it is displayed and editable.
  How do I make the loaded child application and AIR see the embedded font?

• Error 2142 - security sandbox violation

  Hi,
  I have a problem when I try to compile my player, I get the following error:
  SecurityError: Error #2142: Security sandbox violation: local SWF files cannot use the LoaderContext.securityDomain property. file:///C|/development/Flash/Pathe%20ads/New%20cmpt%20sample%20code/AS3ComponentDemoCode% 5Fv2.1/DemoPlayer3Component.swf was attempting to load http://objects.tremormedia.com/embed/swf/acudeo.swf?rand=949275459.
  What's odd is that:
  1. I have used Security.allowDomain("http://objects.tremormedia.com/"); in the source code
  2. This was working fine the day before last!
  I have tried adding a crossdomain.xml file in the folder where I build the player, still no joy.
  Can anyone help me with this? I tried throughout yesterday to fix it to no avail. I've even tried installing and building the player on a different machine to double check there wasn't something wrong on my PC.
  Any help would be great - I'm tearing my hair out!

  Hi,
  If you're still having issues, feel free to reach out to us directly. [email protected] or me personally at [email protected]
  Thanks,
  Andrew Baisley
  Sr Solutions Engineer
  Tremor Media

• Flex == Socklet Policy  == Security sandbox violation ?!?!?!?!

  Please help me with this problem. I'v had this problem for
  over a month
  I'm trying to connect to my C# server through my Flex client.
  Flex client in running on IIS (c:/inetpub/wwwroot)
  the policy file in on the root folder of IIS
  <?xml
  version="1.0"?>
  <cross-domain-policy>
  <allow-access-from domain="*" to-ports="*" secure="false"
  />
  </cross-domain-policy>
  1: I tried to use the loadPolicy method before i connect
  through sockets
  Security.loadPolicyFile("h ttp://localhost/crossdomain.xml");
  (space does not exist in real code)
  2: flex sends this message to server side while connecting
  ("<policy-file-request/>") so as soon as i get this message
  on server side i read the policy text from crossdomain.xml and i
  send ti back to the client.
  eventhough i get a security error the client is still able to
  connect to the server and send messages but it cannot receive any
  message
  I get the following security error:
  [SecurityErrorEvent
  type="securityError" bubbles=false cancelable=false eventPhase=2
  text="Error #2048: Security sandbox violation:
  file:///C:/Inetpub/wwwroot/ClientFlex/bin-debug/Client.swf cannot
  load data from 10.0.0.3:8000."]Error #2048: Security sandbox
  violation:
  file:///C:/Inetpub/wwwroot/ClientFlex/bin-debug/Client.swf cannot
  load data from 10.0.0.3:8000.
  y am i still getting this error???????????
  some people suggested to read the log files: but i followed
  all adobe tutorials to turn os loggin, but couldn't get it to work.
  mm.cfg does not exist, log folder for flash player does not exist,
  log.txt for flash player does not exists.

  Hi,
  In the move from Flash Player 9 to 10, Adobe increased the security constraints on sockets. If you are using sockets to connect to an "un-trusted" server, then you will still need a Cross-Domain Policy file, however that policy file must also be served up through sockets (not through HTTP).
  You will need to run a socket server on the server you are connecting to in order to serve up the appropriate XML document through port 843 (by default). This socket server can be implemented in any number of ways, but I use a Java socket server that Thomas over at LessRain has posted on their blog. You can find it here: http://www.blog.lessrain.com/as3-java-socket-connections-to-ports-below-1024/
  Good luck,
  Taylor
  4Point Solutions Ltd.
  http://blogs.4point.com/taylor.bastien/

• Security Sandbox violation bitmapData.draw() cant access null

  very strange.  I am testing with two different HD streams.  One an akamai stream and another one of our clients not on akamai and using an F4M manifest file.  I have tried allowing the domain and they have a crossdomain.xml file on their side but i still get this error.  
  SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://web.mobilerider.com/flash/osmflive/OSMF_Live.swf?mediaID=190&vendorID=513&extras=vs :1,skin:osmf_live,muteOn:0,autoplay:1,live:1,showArchive:1,&serviceID=2&jsID=1316213568052 cannot access null. No policy files granted access.
  any help would be very appreciated, thanks

  Hello!
  This seems to be relevant:
  http://forums.adobe.com/message/3759490#3759490