Actionscript 3.0 – Flash Security Sandbox

Currently, there are 4 kinds of Security Sandbox for swf file. They are:

    Security.REMOTE – SWF file from Internet URL, following domain sandbox rules;
    Security.LOCAL_WITH_FILE – SWF file from local which can get local data but cannot communicate with internet.
    Security.LOCAL_WITH_NETWORK – SWF file from local which can communicate with internet but not local data
    Security.LOCAL_TRUSTED – SWF file is local file but has been set as trusted file which can communicate with local as well as internet. This kind model has highest authority, when we testing flash file using flash tool, we are under this kind of model.

There are two basic rules for those Security Sandboxs:

  • Resource under same sandbox always can communicate with each other;
  • SWF from remote sandbox always cannot visit local data and file;
  • There are two things we have to go through if we are talking about Flash Security Sandbox:

  • crossdomain.xml
  • Security.allowDomain
  • Continue reading