System.security.allowDomain()

Availability

Flash Player 6; behavior changed in Flash Player 7.

Usage

System.security.allowDomain("domain1", "domain2, ... domainN")

Parameters

domain1, domain2, ... domainN Strings that specify domains that can access objects and variables in the file containing the System.Security.allowDomain() call. The domains can be formatted in the following ways:

• "domain.com"
• "http://domain.com"
• "http://IPaddress"

Description

Method; allows SWF files in the identified domains to access objects and variables in the calling SWF file, or in any other SWF file from the same domain as the calling SWF file.

In files playing back in Flash Player 7 or later, the parameter(s) passed must follow exact-domain naming rules. For example, to allow access by SWF files hosted at either www.domain.com or store.domain.com, both domain names must be passed:

// For Flash Player 6
System.security.allowDomain("domain.com");
// Corresponding commands to allow access by SWF files
// that are running in Flash Player 7 or later
System.security.allowDomain("www.domain.com". "store.domain.com");

Also, for files running in Flash Player 7 or later, you can't use this method to allow SWF files hosted using a secure protocol (HTTPS) to permit access from SWF files hosted in nonsecure protocols; you must use System.security.allowInsecureDomain() instead.

Example

The SWF file located at www.macromedia.com/MovieA.swf contains the following lines.

System.security.allowDomain("www.shockwave.com");
loadMovie("http://www.shockwave.com/MovieB.swf", _root.my_mc);

Because MovieA contains the allowDomain() command, MovieB can access the objects and variables in MovieA. If MovieA didn't contain this command, the Flash security implementation would prevent MovieA from accessing MovieB's objects and variables.