CODEWITHSUNDEEP
actionscript-3loadflashsandbox
astralmaster
astralmaster

Reputation: 2465

as3 Security Sandbox Violation

I've read all similar topics already with no luck, so I'm posting a new question about this error.

I am trying to load a swf file from another swf file using this code:

var loader:Loader = new Loader()

//listen for loading progress
loader.contentLoaderInfo.addEventListener(ProgressEvent.PROGRESS, onProgress);

//listen for when the load is finished
loader.contentLoaderInfo.addEventListener(Event.COMPLETE, onComplete);

loader.contentLoaderInfo.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onLoaderError);

//load!
var rr:URLRequest = new URLRequest("http://localhost/Gen-Tree.swf")
loader.load(rr);


function onLoaderError(event:SecurityErrorEvent) {
    trace("hi")
}

function onProgress(event:ProgressEvent):void
{
    //calculate how much has been loaded
    var percentageLoader:Number = event.bytesLoaded / event.bytesTotal;

    //use your percentage number here to drive a loader bar graphic
}

function onComplete(event:Event):void
{
    //remove listeners now that loading is done
    loader.contentLoaderInfo.removeEventListener(ProgressEvent.PROGRESS, onProgress);
    loader.contentLoaderInfo.removeEventListener(Event.COMPLETE, onComplete);

    //add loaded swf to the stage
    addChild(loader.content);

}

and I get an error messages as follows:

SecurityDomain 'http://localhost/Gen-Tree.swf' tried to access incompatible context 'file:///C|/Users/Alex/Desktop/Gen%2DTree%202012/Programming/loader.swf'
*** Security Sandbox Violation ***
SecurityDomain 'http://localhost/Gen-Tree.swf' tried to access incompatible context 'file:///C|/Users/Alex/Desktop/Gen%2DTree%202012/Programming/loader.swf'
*** Security Sandbox Violation ***
SecurityDomain 'http://localhost/Gen-Tree.swf' tried to access incompatible context 'file:///C|/Users/Alex/Desktop/Gen%2DTree%202012/Programming/loader.swf'

Any ideas?

Upvotes: 1

Views: 11870

Answers (3)

new bie
new bie

Reputation: 19

var loader_context:LoaderContext = new LoaderContext();
if (Security.sandboxType!='localTrusted') loader_context.securityDomain = SecurityDomain.currentDomain;
loader_context.applicationDomain = ApplicationDomain.currentDomain;
currentLoader = new Loader();
currentLoader.contentLoaderInfo.addEventListener(ProgressEvent.PROGRESS, onProgress);
currentLoader.contentLoaderInfo.addEventListener(Event.COMPLETE, onLoadComplete);
currentLoader.load(new URLRequest(baseLink + pName + ".swf"), loader_context);

Maybe you can try to add loadercontext to it.

Upvotes: 1

brubs
brubs

Reputation: 1357

You could try to load the swf and than reload the loaders content with loader.loadBytes(). that way you make a bytearray clone of the swf and bypass the security sandbox. till now it works pretty well with images. I explained the process on my blog: http://www.inklink.co.at/blog/?p=14

an example with images follows:

function loadPicture():void
{
    var req:URLRequest = new URLRequest("YOUR_URL_HERE");
    var _picLoader:Loader = new Loader();
    _picLoader.contentLoaderInfo.addEventListener(Event.COMPLETE,loader2ByteArray);
    _picLoader.load(req);
}
 
function loader2ByteArray(evt:Event):void
{
    var lInfo:LoaderInfo = LoaderInfo(evt.target);
    var ba:ByteArray = lInfo.bytes;
    reloadByteArray(ba);
}
 
function reloadByteArray(ba:ByteArray):void
{
    var reloader:Loader = new Loader();
    reloader.loadBytes(ba);
    reloader.contentLoaderInfo.addEventListener(Event.COMPLETE, reloaderComplete);
}
 
function reloaderComplete(evt:Event):void
{
    var imageInfo:LoaderInfo = LoaderInfo(evt.target);
    var bmd:BitmapData = new BitmapData(imageInfo.width,imageInfo.height);
    bmd.draw(imageInfo.loader);
    var resultBitmap:Bitmap = new Bitmap(bmd);
    addChild(resultBitmap);
}

hope it helps!

Upvotes: 4

redhotvengeance
redhotvengeance

Reputation: 27866

You're trying to load the external swf off of the file system, which will throw security errors. Put it up on a server, and it should work fine, as long as both swfs are on the same domain. Or run a local server and try it on that.

If the two swfs aren't in the same domain, you'll need to add a crossdomain.xml. It'll go on the server root and it'll look something like this:

<?xml version="1.0"?>
<cross-domain-policy>
    <allow-access-from domain="*" />
</cross-domain-policy>

Except you shouldn't just use * as it'll open you up to security risks. You'll want to specifically white-list the other domain. You can learn more about cross domain policy files here.

UPDATE:
Additionally, since the loader swf is accessing the content it is loading (through loader.content), you'll need to add security permissions to that content swf (looks like it is called Gen-Tress.swf):

import flash.system.Security;

Security.allowDomain("*");

It's also worth noting that Loader is a DisplayObject, meaning you can directly add it to the stage with addChild(loader) instead of addChild(loader.content). By not accessing the Loader's content, you can usually avoid security sandbox violation errors and not have to deal with allowing domains and cross domain policies.

Upvotes: 10

Related Questions