http://www.wildbunny.co.uk/blog/2012/11/05/fixing-security-sandBox-violation-in-flash-as3/ security sandBox关于安全的一篇帖子
This time I wanted to talk about the dreaded Security sandBox violation error which Flash will sometimes throw at you when you’re working with external websites,or sockets,or file access across local/web.
What is a security sandBox violation?
Flash applications run inside a security sandBox which prevents them from accessing data they shouldn’t be. For example if your application is web-based,it will be forbidden from accessing files on a user’s local hard drive. If the application is not web-based then it will be forbidden from accessing the web. You can read more about these two types here.
When an application attempts to access data outside of its sandBox,you will see an error which looks similar to this:
********* Security SandBox Violation ***** Connection to <requested data location> halted - not permitted from <location of swf>
This can happen in a number of different cases:
The application sandBox is set incorrectly
This can happen when the sandBox is configured to be used one way,but is being used in another way by mistake. You can change this setting:
In Flash IDE by going to File->Publish Settings->Flash->Local playback security and choosing either ‘Access local files only’ or ‘Access network only’.
In FlashDevelop by right clicking on your project->Properties->Compiler Options->Use network services
In Amethyst by right clicking on the project in the solution explorer->Properties->Compiler->Use network
You are accessing a web-service across domains
If your application is web-based and is accessing a web-service of some kind on a different domain to the one the .swf file is hosted on you can get a sandBox violation if the domain you are accessing does not have a valid cross domain policy in place.
The root of the domain you are accessing must have a valid crossdomain.xml file.
Here is an example crossdomain.xml:
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYstem "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> <site-control permitted-cross-domain-policies="master-only"/> </cross-domain-policy> |
Read more on the specification of this file here
You are accessing a web-service from your local machine during development
Because of the two different sandBox modes,when developing an application which accesses a web-service but debugging or running locally you will cause this exception to fire. In order to get around this you will need to tell Flash that you give permission for this to happen.
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
