| |
| |
| |
| |
Flash Player 6; behavior changed in Flash Player 7.
receiving_lc.allowDomain = function([sendingDomain]) { // Your statements here return true or false }
sendingDomain An optional parameter specifying the domain of the SWF file containing the sending LocalConnection object.
Nothing.
Event handler; invoked whenever receiving_lc receives a request to invoke a method from a sending LocalConnection object. Flash expects the code you implement in this handler to return a Boolean value of true or false. If the handler doesn't return true, the request from the sending object is ignored, and the method is not invoked.
Use this command to explicitly permit LocalConnection objects from specified domains, or from any domain, to execute methods of the receiving LocalConnection object. If you don't declare the sendingDomain parameter, you probably want to accept commands from any domain, and the code in your handler would be simply return true. If you do declare sendingDomain, you probably want to compare the value of sendingDomain with domains from which you want to accept commands. The following examples illustrate both of these implementations.
In files running in Flash Player 6, the sendingDomain parameter contains the superdomain of the caller. In files running in Flash Player 7 or later, the sendingDomain parameter contains the exact domain of the caller. In the latter case, to allow access by SWF files hosted at either www.domain.com or store.domain.com, you must explicitly allow access from both domains.
// For Flash Player 6receiving_lc.allowDomain = function(sendingDomain) { return(sendingDomain=="domain.com"); } // Corresponding commands to allow access by SWF files // that are running in Flash Player 7 or laterreceiving_lc.allowDomain = function(sendingDomain) { return(sendingDomain=="www.domain.com" || sendingDomain=="store.domain.com"); }
Also, for files running in Flash Player 7 or later, you can't use this method to allow SWF files hosted using a secure protocol (HTTPS) to permit access from SWF files hosted in nonsecure protocols; you must use the LocalConnection.allowInsecureDomain event handler instead.
The following example shows how a LocalConnection object in a receiving SWF file can permit SWF files from any domain to invoke its methods. Compare this to the example in LocalConnection.connect(), in which only SWF files from the same domain can invoke the Trace method in the receiving SWF file. For a discussion of the use of the underscore (_) in the connection name, see LocalConnection.send().
var aLocalConnection = new LocalConnection();
aLocalConnection.Trace = function(aString)
{
aTextField = aTextField + aString + newline;
}
aLocalConnection.allowDomain = function() {
// Any domain can invoke methods on this LocalConnection object
return true;
}
aLocalConnection.connect("_trace");
In the following example, the receiving SWF file accepts commands only from SWF files located in thisDomain.com or thatDomain.com.
var aLocalConnection = new LocalConnection();
aLocalConnection.Trace = function(aString)
{
aTextField = aTextField + aString + newline;
}
aLocalConnection.allowDomain = function(sendingDomain)
{
return(sendingDomain=="thisDomain.com" || sendingDomain=="thatDomain.com");
}
aLocalConnection.connect("_trace");
LocalConnection.connect(), LocalConnection.domain(), LocalConnection.send()
| |
| |
| |
| |