Chapter 19. Flash Player Security Restrictions

To protect data from being transferred to unauthorized destinations without appropriate permission, Flash Player scrutinizes all requests to load or access external resources, or interact with other .swf files or HTML files. Each request a .swf file makes for an external resource (a resource not compiled into the .swf file making the request) is rejected or approved based on the following factors:

  • The ActionScript operation used to access the resource

  • The security status of the .swf file performing the request

  • The location of the resource

  • The explicit access-permissions set for the resource as determined by either the resource’s creator or distributor

  • The explicit access-permissions granted by the user (e.g., permission to connect to the user’s camera or microphone)

  • The type of Flash Player running the .swf file (e.g., plug-in version, standalone version, Flash authoring tool test version)

In the preceding list, and throughout this chapter, these terms are used with the following meanings:

Resource distributor

The party that delivers a given resource. Typically a server operator such as a web site administrator or socket server administrator.

Resource creator

The party that actually authors the resource. For .swf files, the resource creator is the ActionScript developer who compiles the .swf.

User

The user of the computer on which Flash Player is running.

This chapter explains Flash Player security restrictions in general terms, and then explores ...
