Rich Rodecker’s blog on flash, flex, actionscript, javascript, and php, with a dash of randomness
Security Restrictions in the Authoring environment
Why?
While working on a project today, I was loading in some data via flash remoting from a remote server. thats fine, everythign works smoothly. Try to load in a jpg from the remote server, I get:
bq. *** Security Sandbox Violation ***
SecurityDomain ‘http://www.myserver.com/images/1.jpg’ tried to access incompatible context ‘file:///C|/wamp/www/website/myfile.swf’
Yeah baby!! Flash security restrictions in the authoring environment. God, I feel so secure.
The solution? Set allowDomain of the security object to the domain you want to load the swf/jpg from:
bc[as]. System.security.allowDomain(“http://www.myserver.com”);
Its a small little step, I know, but it’s one little step I’d like to not deal with while im developing, that I am just going to have to take time out and remove later.
about 3 years ago
I have an issue duplicating a loaded movie clip. DuplicateMovieClip emits the following error:
*** Security Sandbox Violation ***
SecurityDomain ‘http://testserver/assets/DeadTrees.swf’ tried to access incompatible context ‘file:////testserver/Inetpub/wwwroot/art/walkingdemo.swf’
note I use this: System.security.allowDomain(“http://testserver”);
The movie ends up not being duplicated.
Anyone have an idea?
about 3 years ago
hi
thx for the security tip. i had exactly the same problem.
patrick heusser
about 3 years ago
cheers,
I had the same thing.
about 3 years ago
Me too, thanks
about 3 years ago
Thanks, thanks, thanks! You rule :bow:
about 3 years ago
It doesn’t work for me… I hate you all flash
about 3 years ago
you’re right, thanks
about 3 years ago
This problem most often happens when you are launching .swf file at, say, http://www.yoursite.com and loading SWF from http://yoursite.com/ (without WWW) and vice versa.
Just check paths attentively and use one path convention for all paths in your code. I am unsure whether everything else helps 100% with *** Security sandbox violation *** and incompatible context.
about 2 years ago
This has been bothering me for days. Thanks a lot!
about 2 years ago
Thanks You So Much!!!
about 2 years ago
thanks
you saved my day
about 2 years ago
Thank you soo much rich !
about 2 years ago
Even better, save some duplication and use this!
System.security.allowDomain(‘*’);
about 2 years ago
I was having the same problem trying to run an app in the flash environment loading and downloading JPGs off the server I am working on, and used the fix listed above, but upon some mouse events that I was using to enable drag/drop functionality, the same security sandbox error would still happen – very annoying.
The fix I found was to use ANOTHER container movie clip inside the original to load the remote image, and then applying all property changes, mouse events, or other interactive manipulations of the object to the outermost container movie clip, and not the inner one holding the image. For whatever reason, I guess this separates the cross-domain loaded object from the events, even though the outcome is the same.
In this manner, I didn’t even need the System.security.allowDomain(‘*’); fix, although that did clear up a number of the errors initially.
So, try creating an innerHolder type workaround if you can’t seem to get rid of those annoying Sandbox errors..
about 2 years ago
thanks alot, it solved my problem!
about 2 years ago
@Sean Powell
yep that solved my **SandBox** problem too ..
You are a genius
…im back in “Hello actionScript World”
about 2 years ago
Hah, thanks for the post.
I have been doing ActionScript 3 for quite some time now, and was getting really really angry that Security.allowDomain(“*”) was not working in this ActionScript 2 project I am working on.
Your nice post kicked me right back into ActionScript 2 mode.
about 1 year ago
I couldn’t get it to work I still get the stupid security message:
Do I need to change anything in this? I just copied and pasted the exact code??
bc[as]. System.security.allowDomain(”http://www.myserver.com”);
about 1 year ago
Thanks! I’m happy now!
about 1 year ago
This not only affects the dev environment, but it can cause nasty, hard-to-find issues with release builds as well. We have our HTML hosted on our server, but put the SWF files and other assets on Amazon’s S3 service. Works great, but without the Security.allowDomain() call, the browser history and forward/back buttons did not work correctly.
I was getting the Sandbox warning running in debug, but just ignored that right up until I was trying to solve the release build issue.
This one line of code fixed it. Thanks.
about 1 year ago
Awesome…. been looking for hours for this. Thnx! =D
about 10 months ago
Thanks, here is some additional information on Data access between cross-domain SWF files
about 3 weeks ago
Saved My Day , Thanks a lot