Javascript bridge to Flash to store SO "cookies" within flash

Question

After reading this on the question How do I uniquely identify computers visiting my web site? :

A possibility is using flash cookies:

Ubiquitous availability (95 percent of visitors will probably have

flash)

You can store more data per cookie (up to 100 KB)

Shared across browsers, so more likely to uniquely identify a machine

Clearing the browser cookies does not remove the flash cookies.

You'll need to build a small (hidden) flash movie to read and write them.

I tried to find if someone has already done something like this, so I wouldn´t have to reinvent the wheel. So far, no luck(maybe I don´t know the right term to search), except for the code in the flash side

The use I have for this is to prevent a user to answer a quiz multiple times, but future uses maybe banning trolls.

Does anyone knows a open source library that does this and allows me to access via javascript?

Caveats: I don't know flash and I don't own a license.

Edit: You can do that using evercookie. It's kind of evil, but works.

Answer 1

BakedGoods seems to be exactly what you need (or rather, what you did need); its a Javascript library that establishes a uniform interface that can be used to conduct common storage operations in all native, and some non-native storage facilities, including Flash Locally Shared Objects (the "cookies" you speak of).

With it, creating an LSO can be accomplished with code as simple as:

bakedGoods.set({
    data: [{key: "key", value: "value"}],
    storageTypes: ["flash"],
    complete: function(byStorageTypeRemovedItemKeysObj, byStorageTypeErrorObj){/*code*/}
});

Retrieving and removing data is just as easy. Trust me on all of this, I would know; i'm its maintainer :)

---

If for whatever reason you'd prefer to roll out your own solution, rmeador and ForYourOwnGood have supplied you with enough information to help you get started.

They've forgot to tell you how to do one very important thing, however: how to access, with Javascript, the Actionscript code that will handle the Shared Objects.

First, you will need to encapsulate your ActionScript code in a method, and then register that method as part of the ExternalInterface of its parent application:

function handleObjects(/*param1, param2, ... */):void {/*code*/}
ExternalInterface.addCallback("handleObjects");

Second, you will need to compile your Actionscript application (your code), and create an element in your HTML that references the resultant .swf file.

Then, assuming the aforementioned HTML element is represented as a DOMElement named flashDOMElement, you can call your method with the DOMElement:

flashDOMElement.handleSharedObjects(/*arg1, arg2, ... */);

And that's it! There are a couple of things that we've failed to mention or skimmed over, but all in all, rolling out your own solution is not hard. Rolling out your own reliable solution, however, is a different matter, which is partly why I suggest you use BakedGoods.

Answer 2

Evercookie definitely gets the job done, but this is a little closer to what you were originally asking for: https://github.com/nfriedly/Javascript-Flash-Cookies MIT license.

Answer 3

For people searching for this now, be sure do check out evercookie.

Answer 4

To build on what rmeador said, and to help get you started, you are going to need to know how to use two classes in the FLEX3 API, SharedObject and ExternalInterface.

SharedObject will allow you to store and retrive data from a client computer and ExternalInterface will allow your actionscript to communicate with your javascript.

Using shared object is simple.

To put data onto a users machine just create a SharedObject and add properities to the sharedObject's data properity.

  private var sharedObject : SharedObject = SharedObject.getLocal("myCookie");
  sharedObject.data.DATA_FOR_THE_COOKIE = DATA;

Retriving data from the SharedObject is just as simple. Make sure the size of the SharedObject is greater than 0 (Make sure the SharedObject exists) and the just look up the properity names through the SharedObject's data properity.

if(sharedObject.size > 0)
       // access data from cookie with -> sharedObject.data.DATA_FROM_THE_COOKIE;

To pass the data stored in the SharedObject to your javascript you are going to need to use ExternalInterface.

Lets say you have a javascript function to retrieve the variables

function retrieveVars( vars ){
   // Do something with vars.
}

To call this function from actionscript you will use

ExternalInterface.call("retrieveVars", DATA_ITEM_1, DATA_ITEM_2, ...);

Its that simple.

Please note that this technique will not work if the client's flash player has its storage settings set at 0, or if the client's browser does not have ActiveX or NPRuntime.

Answer 5

I'm hesitant to answer your question, because it sounds like this is straying dangerously close to Evil... Also, it's doomed to failure. If you really want to prevent a user from answering a quiz multiple times, the best thing you can do is have them register a user account. If you want to prevent them from registering multiple user accounts, you can have them verify something through a credit card or snail mail, both of which are generally untenable solutions. In short, the internet is anonymous.

Anyways, if you really want to go forward with this plan, you can build your application in Flex (a variant of Flash) fairly trivially. There's tons of documentation on the Adobe site. Some of it is rather sparse and annoying, particularly the collections API, but it'll be sufficient for your purposes. ActionScript (the programming language underlying both Flash and Flex) is very much like JavaScript and easy to learn. Flex has a free SDK (usually available in a small link from the page that tells you to get the expensive Flex Builder; Flex Builder is a primarily GUI tool, whereas you'll be writing straight code without an IDE with just the SDK), so a license shouldn't be a problem. The JavaScript to Flash bridge is also well documented.