So what do you think of the new Local File Security sandbox in Flash Player 8?

We have been getting a lot of contact from users confused about the new Local File Security Sandbox in Flash Player 8.

Understandably, they tend not to be pleased that hosted SWFs can no longer load data from the client’s local system. My thought is that this is a good thing. It reduces the likelihood that someone intent on identity theft, or just on spamming you to no end, would be able to read a file they happen to know the path to on the client machine and send its contents to a server over the internet without the user being aware of it.

Also, users have been, against our recommendation, distributing SWFs (not projectors) through email so much that I would say it was a good idea to support standalone SWFs in Flash 8. While this concept is convenient, it does expose less tech-savvy end users to some risks. The new LFS security restrictions allow users to distribute SWFs with the least risk to the end user.

It would seem that some developers have created some clever applications that took advantage of Player 7’s less restrictive nature, and now that their content is broken they are looking for solutions.

I can say that the only safe thing you can do is to request that the user download or install some SWF to run from the end user’s local machine. That can either be your main application that then talks to your server or some “utility” SWF that can be used to perform tasks on behalf of the hosted SWF. (Be sure to check the DevNet article about Player 8 Security.)

This is going to require some additional development work, or some forethought before publishing, regardless of whether you have an application that requires hybrid local and network access, or you just want to email your friends a SWF that loads your vacation picture slide show.

I tend to think security is more important than convenience so long as it does not go overboard, but everyone has a different opinion of what overboard is.

I would like to hear yours.

Is it more important to have convenience and ease of use (end user beware) or strong security (with all the hassles that come with it)?

61 Responses to So what do you think of the new Local File Security sandbox in Flash Player 8?

  1. Jameson Hsu says:

    People who are worried about security usually have firewall software installed on their machines. It shouldn’t be Macromedia’s job to restrict something as simple as access to an external website. Almost all applications access the web in one way or another so why does something like Flash (which is primarily web based) have to be the one restricting access to the web? It makes no sense and I believe that it’s going to frustrate a lot of developers. Personally, it has been extremely annoying that Flash 8 is not 100% backwards compatible. Have there been a lot of problems in the past with security or viruses with Flash? I’ve been using Flash for 6 years now and have never once heard of a malicious attack in the news having to deal with Flash. So why tighten security and break the multitude of applications that already exist? Is it a ploy to make people buy Flash 8 so that they can republish with the new sandbox security setting? That’s just a sentiment of frustration. In the very least the new security model should have been a feature built for Flash 8 and newer SWFs, not something that adversely affects previously published SWFs. Macromedia has made a great name for itself by empowering developers to enhance the user experience. However, with the release of Flash 8 the user experience for applications and content that access external sites has been seriously compromised.

  2. JesterXL says:

    Just so you know, you’ll get more feedback Monday, Tuesday, and Wednesdays with such posts. Fridays are pretty quiet in the Flash blogging community; at least as far as comments go. Strong security with documented workarounds that are sanctioned and supported. Shim.swf of Flash 5 & 6, cross-domain.xml of 6 & 7, and … well, 8’s different. I’ve only been using Flash professionally for 4 years and I HAVE heard of that exploit that one could theoretically do via writing a bat file from fscommand; but MM responded within HOURS with a new player. Never heard it go farther than that. I DO dislike the security dialogue as well as the security page for managing Flash cookies & allowable sites. I know another dev mentioned you all are working on revamping slightly for 8, and then overhauling later. To me, the Settings Panel in Flash was risky because it was a Flash UI widget not using OS level controls. This extremely important UI form now has unfamiliar controls; not worth the trade-off to me. Then, you DO use an OS level dialogue for the security popup for 8; what the hell? The likelihood of seeing the use cases for that are about the same as seeing the use cases for “Flash Player download stats post-Yahoo toolbar bundling”… but I can hope! So far, it hasn’t affected me. Either my content runs in a browser, or I run it in a projector. At least now you all are explicitly calling out what a SWF can and cannot do, and begrudgingly, I agree. I say that now, but you never know… I’m still a developer.

  3. Flabbygums says:

    incredibly frustrating.. especially at an enterprise level where it ain’t all that easy to test live!!! I agree the new security is annoying and probably pointless. What’s worse than not being able to test my files locally anymore is it’s been my experience that Saving As a MX 2004 and publishing to F7 or F6 from Flash 8 to MX 2004 — it still inherits the NEW Flash 8 security sandbox! This sucks.. and it means I always have to run two versions of Flash, and forced to buy a FULL version of Flash 8.

  4. Jack says:

    I like the new Local File Security sandbox, it’s good to make a safer website 😀

  5. John Dowdell says:

    I hear you… it’s hard when things aren’t as easy as they were before, or when they’re not as easy as they might be. But for any possible risk, we’ve got to be careful — the real people we have to persuade here are the clients, the IT groups, the public who install it on their machines. We’ve got to find ways to operate within the constraints of what they will accept, agreed…? (Jameson, you’ve documented what you want to do, the goals you’re trying to achieve, to either the Flash Player wishlist or the Security group, right? Or called up Ken or the group in product support? Reason I ask is that it’s to all our advantage to have you get what you’d like to achieve, and maybe there’s a way to reconcile all interests…?) jd/mm

  6. Rich Shupe says:

    I haven’t thought enough about this to speak intelligently on the matter–such as suggesting useful changes. Sometimes, however, rash discussion can trigger ideas in more intelligent folk. From a user experience, this is the worst thing that’s happened to Flash in a long time. What was once a very common occurrence is now intimidating to the average user. My company creates a large number of browser-based CD-ROMs that use Flash. Since the Flash 8 Player has been available, the help desk at our principal client has been flooded (comparatively) with calls, and the client is now swearing off Flash. We’re having to fight to keep Flash in isolated situations by assuring them that many circumstances don’t require links and therefore the dialog will not appear. It has also been an ongoing disquieting discussion about the fact that the settings dialog is based on Macromedia’s Web site. Why is this the case? Why are pathnames about my personal computer being stored on Macromedia’s Web site? What is Macromedia doing with this information? Who else has access to this information? Etc. I have to agree in many cases. I haven’t researched this yet, because I’ve been up against a huge deadline, but I don’t understand why the settings button takes me to Macromedia’s site, either. It would be so much easier for me to fight this with clients if the process was entirely local. I keep thinking about pop-up blockers and Active Content, and so on. Why IS it different? It’s discouraging when you spend a month doing nothing but evangelizing Flash 8 at trade shows, in articles, and soon in a book, only to then be told repeatedly that I can’t use it in my work. Obviously, my Flash days aren’t over, but this is making a pretty big impact on my biggest client. Anyway, I warned you that this wasn’t well thought out…

  7. John Dowdell says:

    Hi Rich, long time…. ;-) For the privacy settings, the data is stored locally on your own machine, and it’s only the (relatively bulky) interface which is on the Macromedia site. “Why are pathnames about my personal computer being stored on Macromedia’s Web site? What is Macromedia doing with this information? Who else has access to this information?” Here’s the source citation: “The Settings Manager is a special control panel that runs on your local computer but is displayed within and accessed from the Macromedia website. Macromedia does not have access to the settings that you see in the Settings Manager or to personal information on your computer.” “Flash Player Settings Manager Help” you’re dealing with this with clients, then the following consumer-oriented document gives them the best overview: “How do I let local Flash content communicate with the Internet?” realize that older CD-ROMs played under the new engine won’t treat local files the same as before, but do the above two documents help in allaying the client concerns you’ve received…? jd/mm

  8. Jameson Hsu says:

    Hi John, I agree that Macromedia’s ultimate responsibility lies with the end users. However it appears from the comments above that the needs of the end users were taken to an unnecessary extreme. We haven’t had a chance to speak with anyone at MM about the security issues yet. I’m not sure how to go about voicing our concerns. You can please drop me a line at [jameson at] if you have some info. Otherwise I’ll see you at MAX and we can talk about it then. 🙂

  9. Rich Shupe says:

    Hey, JD. :-) I didn’t make one thing clear in my post. The questions I was asking are questions the client has been asking me. I’ve been pointing them every which-a-way for answers. I’ve been using the links you recommended, as well as one or two others, and the security white paper PDFs, depending on the intended audience. The result so far? I guess it’s kind of like the cookie-scare back in ‘ought-one. Most knew that cookies were not a security/privacy risk, but people couldn’t deal anyway. (By the way, I’m not talking about the ongoing thoughts about cookies tracking user info.) If you were the user, you panicked and turned them off. If you were the client and you didn’t understand, you had the same reaction. If you were the client and did understand, you banned developers from using cookies regardless because too many users were disabling them, so your products wouldn’t work anyway. That’s where we are now. There’s a giant uphill battle to:

    - convince users that this is for their benefit. This will come in time. We’ve gotten past these types of warnings, at least in part, with secure connections, signed sites, xtra downloads, and so on.
    - convince users that the settings info is not being archived on/used by the Macromedia web site. In my opinion, this is the most damaging factor and, ignorant of the technical reasons behind this, one that I hope Macromedia can change quickly.
    - figure out a way to prevent the pop-up from happening. Part of this is in settings, part in design: Only connect to the net when absolutely necessary (a sadly limiting thing) and/or strictly separating files so that some are internal and some are external. (I haven’t had time to try this yet, but I assume you can have one SWF that is local and another that is net, set them each appropriately, and not get the warning within either. That is, as long as their functionality is consistent and follows the setting, they can coexist without the warning.)

    In my post, I did ask one question myself and I can’t figure out the answer… Why does the settings manager have to be displayed/accessed within the Macromedia website? Regardless of what is explained, or where it is explained, this is very intimidating to the average user. It bothered me initially, and I’m not an average user. (Heh. I may be average, or even below average, but my point is that–although I’m loath to admit it–I’ve been using this thing we call Flash since back when it was FutureSplash Animator.) It’s just scary to have those pathnames displayed in the Macromedia Web site. The comments are, “why do they have to be stored [whether they are or not–RS] there?” and “how do they know that about my computer” and so on. I have to agree, that’s the perception. My first reaction was, oh, this is just because it’s still beta. This won’t be this way when it ships. Unfortunately….

    *****

    By the way, I’ve been meaning to tell you how much I enjoy your blog, when I have a chance to read it. That is, until the first week of October or so, I’m being crushed by deadlines. So, I’m having to rely on the great Firefox extension that Mike wrote to spot headlines and peek when I have time. I really like the editorial sense you bring to your blog–usability, design, should/shouldn’t we be doing this/that, etc. I’ve always appreciated your presence on lists I try to stay involved with (almost hopeless recently), but I don’t tell you enough. I guess I should be posting this part on your blog, huh?

  10. Steve Buckley says:

    I have a huge dislike of this change. It simply seems to make developers’ lives more difficult. We have enough hoops to jump through testing complex applications without having an application fail silently on a simple GetURL just because I am testing in a browser from my local drive. Why do I need to test in a browser? To check that Flashvars work as expected and the ASP scripts are passing the XML correctly. Quite simply, from a developer’s point of view this is a pain, full stop.

  11. Carlos Cruz says:

    In my opinion the new security features of Flash 8 are an arrogant and irresponsible feature imposed on the users by Macromedia. Even Microsoft’s IE does not tell me how to protect my computer, it gives me a choice. Does anyone who already had their morning coffee really think most users are going to read the “consumer oriented document”? Yea right!!! Most users at first glance over the document(s) will first be alarmed thinking someone is tracking their actions, second most won’t take the time to read it, it’s too long, and I think it will confuse most users, rendering many developers’ efforts useless as many of their end users will be closing their applications!!! I think giving users control through the flash players setting pop up box would have been a much more elegant way of doing!!! That’s my 1.5 cents of thoughts!!

  12. Bob Ippolito says:

    You guys fucked up because you changed the behavior of existing content. This breaks the implicit backwards compatibility contract that you have with developers and users. Nobody likes that, and Flash 8 is a huge failure in that regard. Nobody is arguing that explicit fine-grained security controls are a good idea, but the Flash 8 defaults are dumb. Breaking lots of *actual* existing content is far worse than potentially thwarting an *imaginary* threat. Perhaps these defaults should’ve been applied to Flash 8 content, since it will be generated with an interface that can choose the right settings for the content, but it should *not* have changed existing content. Everyone else in the industry is smart enough to realize that old formats should be supported as-is, hopefully Macromedia learns from this horrible mistake.

  13. Paul Betlem says:

    Bob’s frustration over broken content is one that was shared by the Flash Player engineering team. We consider backward compatibility to be a critical trait and realize that all Flash developers rely on us to get it right, release after release. We have let you down in this case. Unfortunately, end-user security is also a critical priority and is one of the very rare cases where we may need to break compatibility out of necessity. If a malicious person could simply publish a Flash movie as an earlier version to circumvent the new security rules, we haven’t solved the problem. Bob’s point (and those from the other people posting) are well-taken. The candid feedback is appreciated. — Paul

  14. Bob Ippolito says:

    A better job could’ve been done with backwards compatibility without compromising security. Presumably, the problem is that some SWFs can access the disk and the network at the same time. The simple way to thwart this is to wait until it attempts either, and then enforce the appropriate sandbox. This would still break content, of course, but far less content than was broken with the naive decision to choose the local sandbox for existing content. There’s plenty of SWFs out there that are completely standalone other than the network services that they interact with. Also note that other web content doesn’t have this granularity. Local HTML files can load content from arbitrary URLs, local or otherwise. A malicious person should still be able to perform any sort of sandbox jumping in the context of a web page (e.g. talking to JavaScript or other SWFs). This restriction seems like it’s just pandering to people who don’t understand security (and will think that this restriction solves something) at the expense of everyone else.

  15. Ken says:

    If it is any help to CD-Rom producers: making the entry point of your Application be a Flash Projector will get you around most of the security restrictions without a special installer. While this could be an inconvenience if say your application launched an HTML page as the entry point, if you start with a Flash projector, the exe can read load data and SWFs from the local system or from the network without any restrictions. Also loaded SWFs from the local system can load local data or data from the network, and SWFs loaded into the projector from the network can load data from the network so long as a full URL is provided. The only problem you encounter is if you attempt to make a SWF loaded from the network attempt to load data from the local system. This is not permitted, however if you use the Security.allowDomain method in your projector, the hosted SWF can script to the projector and thus get the Projector to load the local system data for it. I hope this bit of advice is helpful to at least a few of you. You can expect to see it (perhaps with more detail) in a Technote fairly soon. -Ken

  16. tod hay says:

    Usability Usability Usability is crap in F8 for both developer and end-user!!! Macromedia has DROPPED THE BALL with F8 player. This really is the first BIG STUMBLE that Macromedia has produced with their flash player development, and it’s a major one! As a developer, I now can not view my navigational flash files as I develop them on my local machine, and all my CD-based products in which I have utilised flash navigation widgets are producing these security warnings – rendering them quite useless and an absolute usability nightmare. Macromedia has forgotten who made them successful in the first place – yes developers who used flash in projects, which in turn meant that end-users would download the player to view the movie. I am now dropping as much flash as possible from certain development areas simply because you have MADE THE DEVELOPMENT PROCESS MORE DIFFICULT and given the end-user A USABILITY SCARE THAT IS PUTTING THEM OFF YOUR PRODUCT. VERY STUPID move Macromedia – you need to get an outside team to review this flaw.

  17. Richard says:

    I have to agree with some of the comments here. The warning that comes up is cryptic. Once you get to Macromedia’s site it’s not obvious how to get rid of the warning, and it’s not obvious that the data isn’t being stored on Macromedia’s site. I also think it could have been implemented in a smarter way. For instance, with the new security restrictions you can’t even call a javascript function in the same page. What harm a javascript function could do I don’t know, but it could just as easily be called from a text link. That kind of lock down will just encourage developers to not use Flash.

  18. Mike L says:

    As the technical lead for a major corporation who uses a MULTITUDE of e-learning content to support user education efforts, I must say that the new security features of Flash 8 are extremely burdensome and have caused an extreme influx of help desk calls. The worst part, in most cases – there are no good answers. Most e-learning content uses Flash due to its historical ease of use, its widespread acceptance, and its obvious aesthetic and graphic benefits. We have approximately 3000 courses that we support both online and via CD-ROM. The CD-ROM users, for a good part, are disconnected users that do not have internet connectivity. Has anyone stopped to realize that someone without an internet connection cannot access the Macromedia site, thus precluding the user from accessing the Setting Manager? The CD-ROM content (3000 course library eligible to over 40,000 employees) in certain cases loads directly from the file system without engaging the projector (due to our initial desire to keep executables out of the content thus allowing us to use a single code base for both CD-ROM and browser played content). In almost ALL cases the content DOES NOT attempt to go anywhere on the internet. However, the SWFs DO interact with the web page which houses them. However, for some reason – which escapes my understanding – Flash player 8 does not allow this unless the SWF is in the Local Trusted sandbox. WHY??? WHY??? WHY???. If not for this, all our content (with a handful of exceptions) would be just fine. Instead, we are faced with a VERY VERY NASTY UGLY dilemma of either having to have affected users install trust files (which would be third-party to our existing CD fulfillment processes) or republish ALL affected content with projectors… which would not only require an EXTREMELY GIGANTIC workforce effort, but also require us to have to maintain two codebases for each e-learning resource (cause most tail-end content servers DO NOT allow executables in content packages). Thank you so much Macromedia. I once had nothing but good things to say about you.

  19. Jason Nakai says:

    I work for a community college that uses browser based cd-roms built with Flash to deliver media-rich content to distance learning students that do not have broadband connections. In most cases, it is the low income students living in remote areas that cannot afford or access a broadband connection. We use these cd-roms in conjunction with an LMS. Until now, the process was fairly seamless. But with the new player, all the cd-roms we have sent out no longer work. And to make matters worse, the LMS is suppressing the warning dialog. So the users cannot use the Settings button to allow this content. We also have cd-roms that are for completely disconnected users that cannot access the Macromedia site. I don’t think stricter security settings for future content is a bad idea. The problem I have with this is that *functional* content already in use is now rendered useless. As for creating new content using some of the previously mentioned work arounds, it’s not a very encouraging thought that a future version of the Flash player might not support these work arounds either. My confidence in this product has been shaken but I am optimistic that your team will find a solution.

  20. B. Dew says:

    PLEASE, PLEASE somebody tell me how to get rid of Macromedia Flashplayer pop-ups ONCE AND FOR ALL. What a darned nuisance! Just get going good on doing some research and then that pesty pop-up butts in. Is this considered an ad or what? I am sure sick and tired of it. It’s about as bad as the old one about “the wrong kind of fonts” and do we still want to continue. It doesn’t matter what answer you give, the nuisance continues to interfere with my use of the Internet. It is stuff like this that sets the Web back and aggravates the heck out of a person!

  21. Ken says:

    Dew, Macromedia does not make the pop-up ads that you see online and in many cases marketers and web masters are not using Flash to make the “pop-up”, pop up. Flash is just one of many popular technologies used by advertisers to get your attention. Much as learning HTML does not make you a good web designer, using Flash does not make you a good, vs. annoying, advertiser. Macromedia does not regulate the content that is produced with any of our products and your approach, if you don’t mind me saying, is a little like blaming Ford for bad drivers on the freeway. If you don’t like something you see you should probably tell the individual that created it. Although if it is an advertisement they are not likely to care much for your opinion, kind of like when you tell big spammers to stop spamming your email account. Regardless you do have many options available to you in terms of the many free and commercial pop up blockers that can selectively block pop ups and specifically Flash and other advertisements. As a last resort, you don’t have to use Flash. You can uninstall it and you will never see any Flash content again. Although I tend to think that would make for a less amusing web surfing experience. Then again, I went to school with a guy that was annoyed by how much slower he could surf the web due to the increased use of images in web sites. He decided images were useless for providing information and then promptly turned off the browser’s ability to recognize and download image files. Different strokes for different folks I suppose. -Ken

  22. Kelly says:

    I have to agree with much that has been stated… my ire with this change is beyond words. I’m glad that MM felt they needed to take care of us little end-users and developers. Obviously, we can’t take care of ourselves nor make decisions regarding our security! I recently implemented an eLearning course with Flash 8 and due to the security “feature” and realized what a horrible mess would occur that I saved it as “backwards compatible” in Flash 7. As has been indicated above this does NOT fix the issue. In the end the “end-user”, who MM was supposedly looking out for, has had nothing but headaches and problems. This becomes a reflection of my competence and has made me wary of trusting MM anymore. Ironically, this is what I expected from a company such as Adobe… All I can hope is that you fix this soon or as the software purchasing agent I may need to start looking elsewhere.

  23. Adam says:

    We commented extensively on the new model which restricts a remote web site from loading a local flash file in the first place. Labeled as a “privacy” improvement, the provided use-cases have been severely abstract cases with little to no decrease in general user risk. This was implemented briefly in 6.0.47 and quickly pulled out. Appears to be sticking in Player 8. In our case, we have 1M+ CDs in circulation which are unusable with Flash 8. Fortunately, most of our customers (Primarily Fortune 500) are restoring back to 7.0.61 and determining a path away from their current reliance on Flash. Considering the havoc this has caused them (with our products and others, for varying Flash 8 reasons), I’m not surprised by the course they are taking. I am a true believer in Flash (we’ve relied on it here for 7 years), and am disappointed by the ongoing misunderstanding of the corporate market where we deploy. Flash 8 seems to make the deployment flexibility our customers need for high-end Flash applications obsolete — from CDs to Content Delivery Networks to caching systems to LMS load balancing; it just doesn’t pull through. Clearly Flash is now a consumer-only product, meant to only be delivered from a single, remote source.

  24. Todd says:

    Have you guys ever heard of SCORM?!!! Why restrict (by default) javascript communication from a flash movie to the html page that embeds that movie? How does this make the world safer? You think large corporations want their end users dealing with Flash 8 Security Settings on a user by user basis just to complete an e-learning course that uses SCORM and some flash elements? Big problem!

  25. M.G.P. says:

    I’m on myspace and I have a flash 8 on my profile page, and I’d like to download another song for it so I can change off once a week or so, so the one I got on there doesn’t get old

  26. Leander Lee says:

    Yeah, I too agree with the above statements… The security should be backwards compatible. It is now causing way too much trouble to change older projects. Macromedia really needs to change this quickly, and think of alternative methods of security. Maybe they should modify their own code instead of client side coding. All this and what was said above. Hopefully, Macromedia will realize this is big enough of a problem to solve quickly.

  27. Mia says:

    As many before me have already noted: It is totally irresponsible to suddenly block Javascript between swf and html files by default. The Technotes and their hazy descriptions of *may not*s and *in some case*s don’t help anyone using Flash embedded in HTML, totally offline and therefore not in need of these crippling *safety* measures. Any user confronted with security warnings (or often enough NOT confronted in some browsers – Flash simply fails silently) is more likely to give up than try to come to terms with the settings. If he can go online at all – because guess what – that was always one of the reasons for distributing something on a CD rom. This is causing me weeks of unpaid work and scaring away my clients: Neither they nor I want to risk rebuilding content only to find it once again worthless when Flash Player 9 comes along. So who is Macromedia/Adobe trying to cater to with this fiasco?! I have always liked working with Flash and understand that not all changes are easily employed, but these changes are far too limiting and foreboding.

  28. Drew says:

    I agree with the generally frustrated and dumbfounded comments. Effectively breaking *ALL* (!?!) CD ROM demos out there is a pretty amazing and audacious decision. As our sentiments have already been noted and ignored, however, has anyone had any success with one of the approved ways to fix your SWFs? Namely, the ‘Macromedia Flash Local Content Updater’. Here’s the description from the MM site: “The Local Content Updater (LCU) is a free command-line utility that can add, remove, or check for local-with-networking privileges, operating on one or many SWFs. This tool allows you to change the security sandbox that the SWF file operates in when it is played as a local file in Flash Player 8 and above.” You can find that description about halfway down this page: download link for Windows:’ve attempted to update the SWFs used on our CDs with no effect; I’ve tried both adding and removing the network privileges – it appears to have no effect whatsoever on how it is dealt with by FP8. Users are still forced through the same (obnoxious, untenable, fundamentally broken) process to update their security settings. At least as I read the description, however, this should update SWFs to fix the problem. (In our case SWFs are unable to open HTML popups). Things already burnt to CD are still hosed, but future burns can at least be done without re-exporting every single file, editing HTML pages, etc, changing overall architectures, etc. (Especially as the tool has a recursive update mode) But, it’s not doing anything at all as far as I can tell (other than reporting to me that all of our SWFs either have or don’t have ‘Network privileges’). Anyone had any luck with it?

  29. Ken says:

    The LCU is a utility to help developers test the different security publishing options of your SWFs without having to recompile your flas. It will not remove any security problems caused by SWFs that violate the current security rules. In your case it sounds like you want to host the SWF in a web browser from the CD. This means that you will need to create an additional installer on your CD which will create and install a trust file for your content. It’s a lot to read but this should point you in the right direction: that helps.. -Ken

  30. Andy Davies says:

    Some of the security changes make sense, e.g. preventing cross-domain scripting, but others don’t.

    The way that a set of HTML files and Flash movies on a CD won’t work anymore just sucks and there’s no valid security reason for it – the content’s all from the same place so there’s no security risk.

    The other thing I find perplexing about this is the security settings dialog. Why isn’t this embedded as part of the player – if someone’s running the content in offline mode perhaps it’s because they don’t have access to the internet?

    Also what’s the security risk of having a webpage that can change things on the local machine?

    Andy

  31. James says:

    Is there any help on this situation??

    We build e-learning for a company that must put 15,000 employees through the training in a short period of time. The learning consists of a lot of Flash simulations of applications with audio and video. In the past we have always been able to put the rich media (.swf) on a CD-ROM in order to prevent bandwidth issues that a course of this size would cause. The user then logs in and their progress is tracked from the intranet and all of the large content comes from CDs that are distributed. With the release of Flash 8 new security features have prevented this from happening. We can no longer load SWFs from the user’s local machine when called from the web page (i.e. File\\\D:main.swf)

  32. Ken says:

    Hi James.

    You can actually work around this issue by making the CDRom launch a projector. If the entry point into your application is a projector, the projector can load a SWF from the web and if you have set all the security permissions correctly (cross domain scripting), you can have the online SWF call code in the projector to load local content on its behalf. You can then control the loaded local content via ActionScript from the online SWF. This does not do much for anything you have already deployed on CDRom but any CDs you publish in the future should work fine with this structure. You should contact technical support for more information.

    Hope that helps.

    -Ken

  33. Ken says:

    Hi Andy,

    Believe me, I understand your frustration. You do have a number of valid points that have been raised before and will no doubt be considered for future releases of Flash. Although as far as security goes (and I am no expert), the ability for a web page to manipulate local system data can pose a significant risk because of the potential for it to find sensitive information on the end user’s machine and send it over the internet without the user’s authorization or knowledge. With the current security model a user would need to launch a projector and/or install configuration files that allow limited access to local data on the system. There is an active, knowable action on the user’s part.

    Sure, it is a bit of a hassle for developers, but without it you could potentially have a worst-case scenario where an innocent-looking banner ad or a hidden SWF running in your email would go to specific paths on the end user’s system and submit sensitive data back to the server, and could do so without the user being able to protect themselves except by not using the Flash Player. And I don’t think anyone wants that.

    As the Flash Player grows in sophistication, its potential for good rich Internet and in many cases Desktop and Web 2.0 applications grows with it. But it also provides a more clever means of doing evil that many software companies aimed at protecting users from spam, Trojans and viruses respond to with a broadsword rather than a scalpel. I have personally received support calls from users who after uninstalling their OEM pop-up blockers were still not able to view Flash content they needed to see. Adware programs that declared the Flash Player as potentially dangerous software that should be removed. This is not an acceptable reality for anyone building their websites or applications with the Flash Platform.

    So even when a security hole has not been found and exploited, we have to make certain the Flash Player is as secure from potential and imagined issues as we do from known threats, so that the perception of Flash in the larger software industry is not one of some web toy used to let marketing companies track you across the internet, or give companies a fear of using a Flex solution for their business because their IT departments will not permit the Flash Player to be installed due to even the most modest of vulnerabilities.

    Not all security changes make the most sense at first. That just shows you are more interested in producing good content than looking for ways to breach security. But by all means, request enhancements to make being secure less disruptive to your workflow and easier for you as a developer. That will help us to make these sorts of transitions much less traumatic for the real-world Flash developer.

    -Ken

  34. Diane says:

    I am working on our parish website and it will include a small flash intro. I have added the local file URL to the security locations as well as the folders on my laptop, but it still won’t allow me to run the swf locally. We have bi-weekly meetings in a small parish meeting room which does not have internet access to discuss progress, changes, etc. How can I get it to run within the framework of the test webpage? It is quite frustrating not to be able to do this. Please advise a work around!

  35. Ken says:

    Hi Diane,

    I understand where you are coming from. The first encounter with the local file security model can be most discouraging, but don’t worry, once you get used to it you won’t even notice that it is there.

    For your projects I would recommend that you only open the SWF for your local testing unless your SWF must be shown in the HTML page due to some dependency. If the SWF has some dependency on the HTML page it is possible it may be perceived by player security as a SWF requiring network access, even if it does not actually call out to the internet. (This is often the case when JavaScript is used with Flash.)

    In any event you will want to first make sure that your SWF is published to the intended local security context. Open the Publish Settings dialog and check the Flash tab. Your Local playback security settings should be “Access local files only”.

    If you have these settings the SWF should run standalone. If you have added paths to your folders where all your files reside in the Global Security Settings Manager, the SWFs should be trusted and function correctly on your local system. I personally like to have a “TEST” folder on my system where I start all of my projects. I make sure the entire folder is trusted so local file security does not affect me while I am developing new applications.

    *Note: That online settings manager dialog can be tricky. I tend to refresh the page now and then to be sure my settings have been applied.

    Try the following technotes:

    If you still have a problem there could be something else preventing playback and you should contact technical support to help you find the cause and resolve it. We have encountered some rare cases where system settings or third-party products were interfering with the Player’s ability to trust content. By default the Player will not allow potentially unsafe operations, so in such cases a little more troubleshooting may be required.

    If for any reason you do have something like a CD project you need to produce one day, you will want to know more about local file security to ensure you can properly deploy your application. These articles and technotes should help:

    I hope you get your local content up and running soon and good luck with your projects.

    -Ken

  36. John Kirkish says:

    I am working with the FileReference object and am very frustrated that the documentation does not explain the logic underlying the “browse()” method.

    Here are the problems that should be explained in the documentation:

    1) Browse() does not open in the “home” directory, it opens in the user computer’s “default” directory.
    2) When a user browses and selects a file, Flash “assumes” the path as the “home” directory.
    3) There is no documented way of accessing the path.

    Is this part of the “Security Model”?

    Let’s examine the problems:

    A) In FileReference.browse(), the *User* is selecting the file, s/he is taking responsibility for security.
    B) If the security model doesn’t allow access to certain areas of the user’s computer, then it’s a “sin” to allow the browse() window to let the user select a file from a forbidden folder. (Note: This violates Rule #1 of programming, “Never let the user see something s/he cannot have”).

    I believe the documentation should have more depth.

  37. Ken says:

    Hello John,

    I would recommend you post your comments regarding documentation on livedocs. Those posts go directly to the Technical Writers and often open helpful discussion threads.

    Hope that helps,

    -Ken

  38. Flamman says:

    Hi, I am developing a CD (e-learning) with a Flash GUI on an HTML page. I need to use JavaScript to communicate and I think this sucks… And I know there are a lot of developers out there who agree. Don’t like……

  39. Greg says:

    Hi Ken,

    If fscommand calls are blocked locally, then why Stage.showMenu = true/false toggling is still heard by fscommand handlers ( function movie_DoFSCommand() ), even in “untrusted” sandboxes.

    This still allows using Javascript functions locally. I wrote a very simple AS function which toggles Stage.showMenu N times in a loop. The N number is readable by Javascript and can be used to call other functions (which one – depending on the N number). The showMenu toggling is totally silent from the end-users point of view.

    This breaks the security issues related to fscommand blocking, so why not to enable back fscommands…

  52. dedicated says:

    Or what do we think about browser support about flash files? Sometimes we live problem with flash documents supporting on firefox explorer.