Reputation: 4096
"SecurityError: Error #2122" on loading content from a redirected image
This happens on many occasions when loading content from the web, but for us, it's most common loading images through Facebook's graph shortcut call.
Something as simple as:
package
{
import flash.display.Loader;
import flash.display.LoaderInfo;
import flash.display.Sprite;
import flash.events.Event;
import flash.net.URLRequest;
import flash.system.LoaderContext;
public class RedirectTestFail extends Sprite
{
private const url:String = 'https://graph.facebook.com/4/picture';
private const context:LoaderContext = new LoaderContext(true);
public function RedirectTestFail()
{
var loader:Loader = new Loader();
loader.contentLoaderInfo.addEventListener(Event.COMPLETE, onComplete);
loader.load(new URLRequest(this.url), this.context);
}
protected function onComplete(event:Event):void
{
this.addChild((event.target as LoaderInfo).content);
}
}
}
Gives a dreaded "SecurityError: Error #2122" error.
Upvotes: 4
Views: 3376
Answers (2)
Reputation: 41
if you no need to manipulate pixels with loaded image BitmapData object, then you can just remove context from the loader.load
but without context.checkPolicyFile = true you will cant add smoothing to image
Upvotes: 0
Reputation: 4096
Despite other answers suggesting something as simple as:
Security.loadPolicyFile("https://fbcdn-profile-a.akamaihd.net/crossdomain.xml");
This isn't clear, nor comprehensive enough. Facebook have different image servers, that I've which I've been caught with before. This could be deemed a Flash Player Bug, which I'd accept, but as a security concern, I can understand them not allowing a redirect by default, as in you should handle it yourself.
I now use below. You try to do your normal behaviour, but wrap it in a try/catch for SecurityError. If one is thrown, catch it, and if the domain of the loaderInfo is different to the domain you requested, you run a 'Security.allowDomain' and 'Security.loadPolicyFile' on it, and attempt to load it one more times. This works perfectly in practise, with only a tiny amount of overhead.
package
{
import flash.display.Loader;
import flash.display.LoaderInfo;
import flash.display.Sprite;
import flash.events.Event;
import flash.net.URLRequest;
import flash.system.LoaderContext;
import flash.system.Security;
public class RedirectTest extends Sprite
{
private const url:String = 'https://graph.facebook.com/4/picture';
private const context:LoaderContext = new LoaderContext(true);
public function RedirectTest()
{
var loader:Loader = new Loader();
loader.contentLoaderInfo.addEventListener(Event.COMPLETE, onComplete);
loader.load(new URLRequest(this.url), this.context);
}
protected function onComplete(event:Event):void
{
try
{
this.addChild((event.target as LoaderInfo).content);
}
catch(error:SecurityError)
{
trace(error);
var loaderInfo:LoaderInfo = (event.target as LoaderInfo);
var loaderDomain:String = loaderInfo.loader.contentLoaderInfo.url;
if(-1 == this.url.indexOf(loaderDomain))
{
Security.loadPolicyFile(loaderDomain + 'crossdomain.xml');
if( 0 == loaderDomain.indexOf('https') )
{
Security.allowDomain(loaderDomain);
}
else
{
Security.allowInsecureDomain(loaderDomain)
}
loaderInfo.loader.load(new URLRequest(this.url), this.context);
return;
}
throw error;
}
}
}
}
Upvotes: 1
Related Questions
- AS3:SecurityError:Error #2121:Security sandbox violation:LoaderInfo.content: x cannotaccess y.This maybe worked around by calling Security.allowDomain
- Why does flash block me from loading a cross domain swf only in one case?
- Flash Security Error Accessing URL with crossdomain.xml
- AS3. SecurityError: Error #2000 when simply load external jpg
- Loading external images from another domain
- Loading image from external domain in Flash AS3
- Flash AS3 - domain.com/crossdomain.xml and security error
- AS3 loader causes securityError #2044 despite crossdomain.xml
- AS3 Cross-domain Error
- How do I fix this cross-domain ActionScript 3 error?