Solution Summery for Local/CD-Rom Flash Content Deal with Flash Player 8 Security Restriction

Flash Player 8 security restriction is a headache for developers, especially for these e-Learning courseware developers, because we need to develop Flash content playback locally or in a CD-Rom. Firstly, if you develop content with a Flash 8 exe projector, it does not have any restriction. However, we usually need to develop content running in browser and interact with JavaScript (e.g. calling AICC APIs), so Flash 8 security restriction must be a big challenge to developers. Although Macromedia has released many documentations: Macromedia Flash Player 8 Security White Paper (pdf), Macromedia Flash Player 8 Security-Related APIs White Paper (pdf) and Devnet article: Security Changes in Flash Player 8.

However, these documentations are too technical oriented, too many pages, too heavy and too hard for human to understand. The most important is no scenario usage example. I was easily falling asleep when reading them. Based on the basic principle I understand, Flash 8 restricted local SWF can either access Local-with-filesystem, Local-with-networking, Local-trusted.

I did the testing and summary here. I use Flash Player 8.0.22 and Flash Player 8.5 (alpha r133 & beta r212) to test. Suppose your main SWF is published in Flash 8 as Flash 8 SWF (local/network), Flash 7 SWF (local/network) and published in Flash MX 2004 as Flash 7 SWF. No Global Security Settings have made, just like a normal end-user machine config.

load other SWF (same folder or sub-folder) with loadMovie
Flash 8 allow local OK allow network OK
Flash 7 Pusblished by Flash 8 allow local OK allow network OK
Flash 7 Published by Flash MX 2004 OK
Note: External swf cannot be loaded if their local playback security setting does not match with main SWF (i.e an allow local SWF cannot load an allow network SWF, vice versa).

Note: If SWF is published by Flash MX 2004 (i.e. without local playback security setting), both an allow local/network SWF can load it.

getURL to other html page (same folder or sub-folder) locally
Flash 8 allow local OK allow network OK
Flash 7 Pusblished by Flash 8 allow local OK allow network OK
Flash 7 Published by Flash MX 2004 OK
getURL to internet html page (e.g. google.com)
Flash 8 allow local Fail silently allow network OK
Flash 7 Pusblished by Flash 8 allow local OK allow network OK
Flash 7 Published by Flash MX 2004 OK
load data from same folder or sub-folder locally with LoadVar(sendAndLoad) /XML
Flash 8 allow local OK allow network Fail
Flash 7 Pusblished by Flash 8 allow local OK allow network Fail
Flash 7 Published by Flash MX 2004 OK
load data from internet with LoadVar(sendAndLoad) / XML
Flash 8 allow local Fail with Warning allow network OK (with crossdomain.xml
Fail (without crossdomain.xml)
Flash 7 Pusblished by Flash 8 allow local OK allow network OK (with crossdomain.xml
Fail (without crossdomain.xml)
Flash 7 Published by Flash MX 2004 OK
Calling JavaScript with getURL
Flash 8 allow local Fail allow network Fail
Flash 7 Pusblished by Flash 8 allow local OK allow network OK
Flash 7 Published by Flash MX 2004 OK
Calling JavaScript with ExternalInterface
Flash 8 allow local Fail allow network Fail

Conclusion From the table, you will see it is a sadly result that e-Learning developers cannot benefit with the new Flash 8 features if we publish the content in Flash 8 SWF, because we are highly relied on calling JavaScript and Internet data exchange. Unless we do the manually configuration on end-users’ machine, set up a local-trusted sandbox for our Flash content. What about CD-Rom distributed content? Need to do an installation first?

6 replies on “Solution Summery for Local/CD-Rom Flash Content Deal with Flash Player 8 Security Restriction”

  1. You could use a 3rd party application. If you’re distributing on CD then the most important requirement is that it works.

    A program like Northcode’s SWF Studio doesn’t suffer from local security issues and provides a lot of other features.

    Just an option.

  2. Hi!

    I want to extend my SQL experience.
    I red really many SQL books and want to
    get more about SQL for my position as db2 database manager.

    What would you recommend?

    Thanks,
    Werutz

Comments are closed.