19.1. What’s Not in This Chapter19.2. The Local Realm, the Remote Realm, and Remote Regions19.3. Security-Sandbox-Types19.3.1. How Security-Sandbox-Types Are Assigned19.4. Security Generalizations Considered Harmful19.5. Restrictions on Loading Content, Accessing Content as Data,
Cross-Scripting, and Loading Data19.5.1. Loading Content19.5.2. Accessing Content as Data19.5.3. Cross-Scripting19.5.4. Loading Data19.5.5. Restrictions on Loading Content, Accessing Content as Data,
Loading Data, and Cross-Scripting19.6. Socket Security19.7. Example Security Scenarios19.7.1. Snoopy Email Attachment—Without Flash Player Security19.7.2. Snoopy Email Attachment—With Flash Player Security19.7.3. Internal Corporate Information—Without Flash Player
Security19.7.4. Internal Corporate Information—With Flash Player
Security19.7.5. Cross-Web Site Information—Without Flash Player
Security19.7.6. Cross-Web Site Information—With Flash Player Security19.8. Choosing a Local Security-Sandbox-Type19.8.1. Compiling a Local-with-Filesystem .swf File19.8.2. Compiling a Local-with-Networking .swf File19.8.3. Granting Local Trust19.8.4. Developers Automatically Trusted19.8.5. Default Local Security-Sandbox-Type19.9. Distributor Permissions (Policy Files)19.9.1. Authorizing Loading-Data and Accessing-Content-as-Data
Operations19.9.1.1. Creating the policy file19.9.1.2. Posting the policy file19.9.1.3. Obtaining a policy file’s permission to load data19.9.1.4. Obtaining a policy file’s permission to access content as
data19.9.2. Using a Policy File to Authorize Socket Connections19.9.2.1. Create the policy file19.9.2.2. Socket-based policy-file retrieval19.9.2.3. HTTP-based policy-file retrieval19.10. Creator Permissions (allowDomain( ))19.10.1. Allowing .swf Files Served Over HTTP to Cross-Script .swf
Files Served Over HTTPS19.11. Import Loading19.12. Handling Security Violations19.13. Security Domains19.13.1. Ambiguous Use of the Term “Sandbox”19.14. Two Common Security-Related Development Issues19.14.1. Accessing Internet Subdomains19.14.2. Accessing the Loader Class’s Instance Variable
Content19.15. On to Part II!