Cross-Domain Policy

Macromedia has defined very stringent policies (called the security sandbox by Macromedia) for the control and management of how SWF files can interact with one another and with executable files on the Web or your hard drive. Most of these policies are more stringent in Flash Player 7 than in previous versions (and more stringent than many other web technologies implement). You may find that some sites that work with Flash Player 6 do not work in Flash Player 7 due to added security restrictions, as described at http://www.macromedia.com/devnet/mx/flash/articles/fplayer_security.html.

Macromedia's cross-domain policy determines whether a SWF can load, script, or communicate with other SWFs or content from other domains. In particular, for Flash Player 7, the default policy (before any policy file or allowDomain( ) call relaxes it) is as follows:

  • A SWF can load another SWF from any domain for display, but the two cannot script each other (read or set variables, call functions) unless both were loaded from exactly the same domain.

  • A SWF is not allowed to communicate with any other SWF through the LocalConnection class unless both SWFs come from exactly the same domain.

  • A SWF is not allowed to load data (XML, LoadVars, loadVariables( )) from a different domain than the one serving the SWF unless that domain publishes a cross-domain policy file (crossdomain.xml) that names the SWF's domain. "Exactly the same domain" is literal: www.example.com and example.com are treated as different domains.

You can relax this default policy to allow SWFs from other domains to interact with your SWFs and data. The following resources explain how, and what each relaxation costs you:

  • moock.org's Cross-Domain Policy File technote (http://moock.org/asdg/technotes/crossDomainPolicyFiles) discusses the conditions that cause a warning dialog to appear when playing Flash Player 6-format (and older) SWF files in Flash Player 7 and cause data loading to fail in Flash Player 7-format SWF files.

  • Flash technote Macromedia Flash Security Sandbox (http://www.macromedia.com/support/flash/ts/documents/security_sandbox.htm) explains the Flash Player 7 security sandbox. The sandbox provides a restricted area that "surrounds" the Flash Player to restrict access to private data and prevent a SWF from executing potentially damaging applications.

  • Flash technote 16520 Loading Data Across domains (http://www.macromedia.com/support/flash/ts/documents/load_xdomain.htm) explains what operations are allowed and disallowed when attempting to load assets from a different domain than the one from which the SWF is running.

  • Macromedia technote 14213 External data not accessible outside a Macromedia Flash movie's domain (http://www.macromedia.com/support/flash/ts/documents/loadvars_security.htm) explains the limitations on loading data, typically via the LoadVars class, from domains other than the one hosting the SWF.

  • The LocalConnection.allowDomain( ) event handler described in Recipe 17.4 ("Accepting Communications from Other Domains") in the ActionScript Cookbook allows you to specify other domains from which SWFs can create local connections to the current SWF.

  • Recipe 15.6 ("Loading Remote Content by Proxy") in the ActionScript Cookbook explains how to work around the cross-domain limitations for loading content by routing requests through a proxy script on the SWF's own server. Because the proxy makes the request, it should be restricted to the specific remote URLs the SWF needs; an unrestricted proxy is an open relay that anyone can point at arbitrary hosts.

  • The System.security.allowDomain( ) method described in Recipe 15.2 ("Loading an External SWF from a Trusting Domain") in the ActionScript Cookbook allows you to specify which domains' SWFs are permitted to script your SWF file once they have loaded it.

  • If a Flash movie served via HTTP attempts to access secure HTTPS content, the operation fails silently by default. Flash MX 2004 adds a System.security.allowInsecureDomain( ) method, which allows a SWF published for Flash Player 7 to permit HTTP-to-HTTPS access. This is not recommended: a SWF delivered over plain HTTP can be modified in transit, so granting it access to HTTPS content undermines the protection HTTPS was providing. It may nonetheless be required to permit access to HTTPS files published for Flash Player 7 or later from HTTP files published for Flash Player 6.

  • Users can access the web-based Settings Manager by clicking the Advanced button on the Privacy tab of the Settings dialog box. Once at Macromedia's site, the user can configure global and domain-specific options regarding cross-domain policies.
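To make the data-loading rules concrete (the same-domain default, the policy file that relaxes it, and the HTTP-to-HTTPS restriction), here is an added Python model of the decision Flash Player 7 makes before loading XML or LoadVars data. It is illustrative code written for this page, not Macromedia's implementation; the crossdomain.xml text, the host names and the URLs are constructed for the example, and the treatment of `*.example.com` as also matching the bare host is a modelling assumption to check against the policy-file specification for your player version.

```python
"""Model of the Flash Player 7 cross-domain data-loading decision (added example)."""
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: what data.example.com might serve at /crossdomain.xml.
SAMPLE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="www.example.com" />
  <allow-access-from domain="*.partner.example" />
  <allow-access-from domain="legacy.example.org" secure="false" />
</cross-domain-policy>
"""


def parse_policy(xml_text):
    """Return a list of (domain_pattern, secure) from the allow-access-from elements."""
    root = ET.fromstring(xml_text)
    rules = []
    for el in root.findall("allow-access-from"):
        pattern = el.get("domain")
        if not pattern:
            continue
        # secure defaults to true: a rule grants HTTP callers nothing on HTTPS
        # data unless the site explicitly opts in with secure="false".
        secure = el.get("secure", "true").lower() != "false"
        rules.append((pattern.lower(), secure))
    return rules


def domain_matches(pattern, host):
    """Policy-file domain matching: exact host, '*', or '*.suffix'.

    Modelling assumption: '*.partner.example' matches the bare host
    partner.example as well as every subdomain of it.
    """
    host = host.lower()
    if pattern == "*":
        return True
    if pattern.startswith("*."):
        bare = pattern[2:]
        return host == bare or host.endswith("." + bare)
    return host == pattern


def data_load_allowed(swf_url, data_url, policy_xml=None):
    """Decide whether the SWF at swf_url may load data (XML/LoadVars) from data_url.

    policy_xml is the text of the data host's crossdomain.xml, or None when
    that host serves no policy file.
    """
    swf, data = urlsplit(swf_url), urlsplit(data_url)
    # Default rule: exactly the same host and the same scheme needs no policy.
    if swf.hostname == data.hostname and swf.scheme == data.scheme:
        return True
    if policy_xml is None:
        return False
    http_to_https = swf.scheme == "http" and data.scheme == "https"
    for pattern, secure in parse_policy(policy_xml):
        if not domain_matches(pattern, swf.hostname):
            continue
        # An HTTP SWF reaching HTTPS data is refused unless the matching
        # rule carries secure="false" (the policy-file side of allowInsecureDomain).
        if http_to_https and secure:
            continue
        return True
    return False


if __name__ == "__main__":
    cases = [
        ("http://data.example.com/app.swf", "http://data.example.com/feed.xml", None),
        ("http://www.example.com/app.swf", "http://data.example.com/feed.xml", None),
        ("http://www.example.com/app.swf", "http://data.example.com/feed.xml", SAMPLE_POLICY),
        ("http://api.partner.example/app.swf", "http://data.example.com/feed.xml", SAMPLE_POLICY),
        ("http://evil.example.net/app.swf", "http://data.example.com/feed.xml", SAMPLE_POLICY),
        ("http://www.example.com/app.swf", "https://data.example.com/feed.xml", SAMPLE_POLICY),
        ("http://legacy.example.org/app.swf", "https://data.example.com/feed.xml", SAMPLE_POLICY),
    ]
    for swf_url, data_url, policy in cases:
        verdict = "allowed" if data_load_allowed(swf_url, data_url, policy) else "denied"
        print(f"{swf_url} -> {data_url}: {verdict}")
```

The practical checks fall out of the model: with no policy file every cross-domain data load is denied, a `domain="*"` rule opens the data to any SWF on the Web (so use it only for genuinely public data), and an HTTP SWF stays locked out of HTTPS data until a rule explicitly sets `secure="false"`.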