Accessing local and remote resources in a locally running SWF

A few days ago I got a question about accessing local and remote resources from a SWF running locally:

I have a question. You say that in your presentation “[When they’re running locally,] SWF files are set to load local files only or remote files only — if you want to load the other type, it won’t work and you’ll get an error message. There are several workarounds, …”

Can you share the work around for this problem? I used the executable file (instead of swf) but it even gave errors when I had local and remote files to load. The browser should be always open when the file is running. Is there a way to make it run?

(Incidentally, the question was from one of my former classmates from the Indiana University Instructional Systems Technology program.)

The workarounds depend a little bit on what you’re trying to accomplish.

If you want your locally-running SWF to load remote files only, the easiest solution is to change the publish settings for the movie. Under File > Publish Settings, in the Flash Tab, in the “Local playback security” field (the last field) choose “Access network only”.

However, it sounds like you want your SWF to be able to load remote files and local files, which makes things more complicated. What you’ll need to do is to designate the file or a location on the user’s hard drive as a “trusted” file/location. When files are trusted, Flash Player will let you access both local and remote content. There are three approaches to making this work:

1. Designate the SWF as “trusted” in the Flash Player settings.
   This only works if it’s running in a browser — it sounds like you converted your SWF into an executable, so I don’t think this one will work in that situation.

   This approach is outlined here:
   LiveDocs “Specifying trusted files using the Settings Manager”

2. Designate the folder containing the SWF (or some higher-up folder) as “trusted” in the Flash Player settings.
   This is the same as the previous approach, except that you designate an entire folder as trusted, so you could use one SWF to designate a folder as trusted, and put another SWF in there and it will automatically be trusted too.

   This approach is also outlined at:
   LiveDocs “Specifying trusted files using the Settings Manager”

3. Designate the folder containing the SWF (or some higher-up folder) as “trusted” in the local configuration file.
   This achieves the same end result as 2) (an entire folder, and all its contents, are “trusted”). The difference is that this approach involves creating or modifying a configuration file on the user’s computer, so it can be done without needing to access the Internet at all.

   This approach is described here:
   LiveDocs “Creating configuration files for Flash development”

Interestingly, if you are in fact creating an executable containing your SWF and the Flash Player, you shouldn’t have any problems at all, according to this document (LiveDocs “About local file security and projector files”). It says that executables are automatically “trusted” since the user explicitly chooses to run them, so they should be able to access local and remote files. I made a simple test which seemed to confirm this:

1. Open a new FLA and add a button (instance name myButton) and a dynamic text field (instance name myTextField) to the stage.
2. Enter this code, attached to a keyframe on frame 1 of the main timeline:

   var myLoadVars:LoadVars = new LoadVars();
   
   myLoadVars.onLoad = function(success:Boolean)
   {
        myTextField.text = "myLoadVars.value1 = " + myLoadVars.value1 + "\n";
       getURL("http://www.adobe.com/");
   };
   
   myButton.onRelease = function()
   {
       myLoadVars.load("LocalSecurityTest.txt");
   };

3. Save the FLA to your hard drive (I just put mine on the desktop)
4. In the folder where you saved your FLA, create a new text file named “LocalSecurityTest.txt”, and enter this text in the text file (then save and close):
   value1=Hello+There!
5. Under File > Publish Settings, check the “Windows Projector” checkbox, and click Publish.
6. Double-click the executable and click the button. This text should appear in the text field: “myLoadVars.value1 = Hello There!” then it should open a browser window to “www.adobe.com”. (Loading the text file data is a “local” operation; loading a url in a browser is a “network” operation).

If you publish an HTML/SWF version, open the html page and click the button; the text file data will load then you’ll see a security warning about accessing network content. (Alternatively, if you publish the SWF as network only, the text file data won’t load so you’ll see “myLoadVars.value1 = undefined” in the text field and the browser will navigate to www.adobe.com).

You can leave a comment, or trackback from your own site.

9 Comments so far

1. October 6th, 2006 at 12:40 pm
   Geoff Gaudreault is reported to have said:

   I’ve got one for you… I’ve got a SWF EXE that loads another SWF from a remote site into a MovieClip. I want that SWF to have access to local files, but I get a security error, even if I explicitly add the domain of the SWF to my allowDomain list.

   Thoughts?

2. October 6th, 2006 at 2:09 pm
   William from Lagos is reported to have said:

   Another work around for those who would want to deploy swfs instead of exes and would want to the swf to be able to access both local and remote content, would be to configure an installer (the swf2exe wrapper) to designate the folder where the swf file will be placed as “trusted”.

   This was the approach I took when I wanted to create an installer that would deploy swf + html files to run on a user’s PC as a wallpaper. I also want teh swf file running in the wallpaper to be able to access both local and network resources.

3. October 16th, 2006 at 12:53 am
   Interactive Advertising Blog is reported to have said:

   the standalone Flash Player (such as a Flash projector file running on a CD-ROM) doesn’t work if the user has Firefox set as their default browser. Here we’ll take a look at what’s causing the problem and how to work around it. As a followup to a question about opening local and remote resources in ActionScript, I was asked why a SWF which had been made into a projector (a standalone executable file) wasn’t able to open an HTML page using getURL() when the user’s default browser is Firefox. One initial idea was that it might be related to the security

4. November 16th, 2006 at 8:05 pm
   Andrew is reported to have said:

   I have been tying to get a workaround for the current project I was working on. I had made a flash menu system to work with a frame set. it loads in the menu data from a xml file which works fine, but its when I try to use getURl or ExternalInterface.call I get a security issue. the swf and other files are run localy on the machine. I also had trouble with getting getURl to access framesets properly. any help would be greatly appreciated.

5. November 17th, 2006 at 12:06 pm
   kkk is reported to have said:

   coooooooooooooooooooooooool

6. March 20th, 2007 at 1:32 pm
   Rajan Kharel is reported to have said:

   very nice, so very helpful to me

7. March 31st, 2007 at 1:11 pm
   Rajan kumar kharel is reported to have said:

   Freeware is… free, just as you’d imagine it! The software was developed just for the sake of providing you, the end user, with a cool new application. If you really like the program, you might take a moment to send the author a thank you note, but there are no strings attached to these programs.

8. April 21st, 2007 at 2:10 am
   Mohammed Sunely is reported to have said:

   Hi

   I am loading a text from a .txt file now

   Text written in .txt file
   Ad Size 1.8” X 1.2”

   in flash instead of inch sign(“) its showing box

   Thanks in Advance

   Regards
   Mohammed Sunely

9. June 25th, 2008 at 7:41 am
   flensed :: View topic - Can flXHR work under local mode is reported to have said:

   […] way to be able to access things remotely.This article has more good information on these concepts: http://probertson.com/articles/2006/10/ … local-swf/I hope this helps clear it up. Let me know if you need any further assistance on […]

Add your comment

Name (required)


Email (required/will not be displayed)


URL


Comment


Comment notes

Please keep comments on topic. Comments that are inappropriate or offensive will be edited or removed.

Paragraphs and line breaks are automatically converted to HTML, and quotation marks are converted to “smart” quotes.

The following XHTML tags can be used: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> . All others will be removed.

Articles by Type

• Articles by Paul
  • Opinions
  • Tutorials
• Elsewhere on the web
  • Articles to remember
  • Sites to remember

Articles by Topic

• .NET (5)
  • ASP.NET (3)
• ActionScript (63)
  • AS3 (30)
  • Vector (typed arrays) (1)
• AIR (20)
  • local SQL database (12)
• Application Design (13)
• Book reviews (3)
• Coding (8)
• Design Process (1)
• Dreamweaver (4)
• Flash (54)
• Flex (33)
  • ColdFusion Flash Forms (10)
• Flex Builder (4)
• Frameworks (6)
• JavaScript (2)
• Life at Adobe (2)
• MS SQL Server (4)
• Pixel Bender (1)
• Presentations (8)
• Projects (4)
• SaaS (1)
• Semantic Web (1)
• SQL (8)
• Unit testing (2)
• User-centered design (12)
• Web Browsers (6)
• Web Design (16)
  • CSS (6)
• Writing (11)

Random Reading

• Matt Chotin
• Mike Chambers
• Danny Patterson
• Andrew Shebanow
• Adobe eXperience Design

Currently...

• 
  follow probertson at http://twitter.com

Subscribe

• Subscribe to my feed

• Copyright, terms of use, etc.
• Powered by WordPress