Reputation: 1
How do you change the allowscriptaccess in a browser programmatically?
Specify your operating system: Windows 7 (64 bit) Video Capable Audio Capable and Local File I/O Enabled.
Specify your web browser and version: (Firefox 6.0.2 32bit)
Specify your Flash Player version win 10,3,183,5 Debug Player: NO
Give us a brief explanation of the problem, please include any information you feel is important
Question: Where do I start?
The reason for this question: I am a developer of ASP.Net web applicaiton which has to meet HIPAA and CMS standards.
Currently, the web application runs on secure network and under https to a secure encrypted sql server, but open to public internet with secure login for specific members.
The other day, I was testing in VS2010 and had set it up to use Firefox as my default browser so I could view how it looks and operates in other browsers. Of course in this local running, it run in http and is on the local network and secure. However, I do enough research on open web that an x-shockwave swf got download and installed on my workstation and when I ran the test web application I had the following pop ups. No code just the object id to let you know it was putting href links into my system (object id = _GPL_e6a00_swf). The problem is that it was capturing words from the html page being displayed, sending them to textsrv, and then putting a hyperlink on those words, like news.
I understand that this was occurring because it was working from my workstation (sameDomain).
I have written jscript to detect of flash player types and mimetypes browser addons.
Big Question, How do I write code, either behind (class or partial classs), or jscript or html5 or whatever to turn all flash player types parameter allowscriptaccess value="always" to "value="never" when the application runs?
Upvotes: 0
Views: 7703
Answers (1)
Reputation: 22116
If I understand this correctly you can set the allowscriptaccess param element on the flash objects using jQuery SWFObject Plugin to value="never".
There are examples on this page of how to set the param:
<object data="test_flashvars.swf" type="application/x-shockwave-flash" id="flash_35357516" width="320" height="180">
<param name="flashvars" value="name1=jQuery&name2=SWFObject&name3=Plugin">
<param name="movie" value="test_flashvars.swf">
<param name="wmode" value="opaque">
<param name="AllowScriptAccess" value="never">
</object>
Upvotes: 1
Related Questions
- Flash AS3 Global Security Settings - programmatically
- How can I detect if Flash Player is disabled in a browser using JavaScript?
- Set flash parameter AllowScriptAccess to 'sameDomain' instead 'always'
- "Allow" Button for flash content cannot be clicked in Mac Chrome
- How to trigger Adobe flash player setting privacy panel from flash?
- Why is Firefox overriding my object's allowScriptAccess tag?
- Flash Permissions
- Flash player doesn't allow script
- Flash, AS3: Is there a way to obtain the current security settings/restrictions for mic/camera programmatically?
- How can I access allowScriptAccess's value from Flash?