How do I call a Flex SWF from a remote domain usin

2019-07-10 07:42发布

站内问答 / 移动开发
882 3 4

I have a Flex swf hosted at http://www.a.com/a.swf. I have a flash code on another doamin that tries loading the SWF:

_loader = new Loader();
var req:URLRequest = new URLRequest("http://services.nuconomy.com/n.swf");
_loader.contentLoaderInfo.addEventListener(Event.COMPLETE,onLoaderFinish);
_loader.load(req);

On the onLoaderFinish event I try to load classes from the remote SWF and create them:

_loader.contentLoaderInfo.applicationDomain.getDefinition("someClassName") as Class

When this code runs I get the following exception

SecurityError: Error #2119: Security sandbox violation: caller http://localhost.service:1234/flashTest/Main.swf cannot access LoaderInfo.applicationDomain owned by http://www.b.com/b.swf.
    at flash.display::LoaderInfo/get applicationDomain()
    at NuconomyLoader/onLoaderFinish()

Is there any way to get this code working?

3条回答
萌系小妹纸
2楼-- · 2019-07-10 07:47

Mayhaps System.Security.allowDomain is what you need?

查看更多
0人赞 添加讨论(0) 举报
Juvenile、少年°
3楼-- · 2019-07-10 07:56

This is all described in The Adobe Flex 3 Programming ActionScript 3 PDF on page 550 (Chapter 27: Flash Player Security / Cross-scripting):

If two SWF files written with ActionScript 3.0 are served from different domains—for example, http://siteA.com/swfA.swf and http://siteB.com/swfB.swf—then, by default, Flash Player does not allow swfA.swf to script swfB.swf, nor swfB.swf to script swfA.swf. A SWF file gives permission to SWF files from other domains by calling Security.allowDomain(). By calling Security.allowDomain("siteA.com"), swfB.swf gives SWF files from siteA.com permission to script it.

It goes on in some more detail, with diagrams and all.

查看更多
0人赞 添加讨论(0) 举报
聊天终结者
4楼-- · 2019-07-10 08:11

You'll need a crossdomain.xml policy file on the server that has the file you load, it should look a something like this:

<?xml version="1.0"?>
<!-- http://www.foo.com/crossdomain.xml -->
<cross-domain-policy>
  <allow-access-from domain="www.friendOfFoo.com" />
  <allow-access-from domain="*.foo.com" />
  <allow-access-from domain="105.216.0.40" />
</cross-domain-policy>

Put it as crossdomain.xml in the root of the domain you're loading from.

Also you need to set the loader to read this file as such:

var loaderContext:LoaderContext = new LoaderContext();
loaderContext.checkPolicyFile = true;

var loader:Loader = new Loader();
loader.contentLoaderInfo.addEventListener( Event.COMPLETE, onComplete );
loader.load( new URLRequest( "http://my.domain.com/image.png" ), loaderContext );

code sample yoinked from http://blog.log2e.com/2008/08/15/when-a-cross-domain-policy-file-is-not-enough/

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)