| |
| |
| |
| |
Flash Player 7.
System.Security.allowInsecureDomain("domain")
domain An exact domain name, such as "www.myDomainName.com" or "store.myDomainName.com".
Nothing.
Method; allows SWF files in the identified domains to access objects and variables in the calling SWF file, which is hosted using the HTTPS protocol.
By default, SWF files hosted using the HTTPS protocol can be accessed only by other SWF files hosted using the HTTPS protocol. This implementation maintains the integrity provided by the HTTPS protocol.
Macromedia does not recommend using this method to override the default behavior because it compromises HTTPS security. However, you may need to do so, for example, if you must permit access to HTTPS files published for Flash Player 7 or later from HTTP files published for Flash Player 6.
A SWF file published for Flash Player 6 can use System.security.allowDomain() to permit HTTP to HTTPS access. However, because security is implemented differently in Flash Player 7, you must use System.Security.allowInsecureDomain() to permit such access in SWF files published for Flash Player 7 or later.
In this example, you host a math test on a secure domain so that only registered students can access it. You have also developed a number of SWF files that illustrate certain concepts, which you host on an insecure domain. You want students to be able to access the test from the SWF file that contains information about a concept.
// This SWF file is at https://myEducationSite.somewhere.com/mathTest.swf
// Concept files are at http://myEducationSite.somewhere.com
System.Security.allowInsecureDomain("myEducationSite.somewhere.com")
System.security.allowDomain(), System.exactSettings
| |
| |
| |
| |