I'm building an swf player, it works fine for local swf files, but not when the swf tries to access external resources (rss). I figured out that Adobe AIR is blocking that access. Does anyone know if it's possible to bypass this security mechanism, maybe using a LoaderContext ?
I'm getting this message:
* Security Sandbox Violation *
Connection to http://x.com/ halted – not permitted from file:///x.swf
— Untrusted local SWFs may not contact the Internet.
There's no way to me to create the crossdomain.xml on http://x.com/.
thanks,
Best Answer
This behavior is by design to address a class of security vulnerabilities where flash movies access network resources from destinations that the end user did not authorize, possibly even without the end user's knowledge. You can either a) allow the user to give permission for the swf movie to operate outside the sandbox (usually a negative user experience) or b) proxy all requests to 3rd party servers through some kind of proxy mechanism on your site hosted on the same domain as the sfw movie (sneaky but it works).