Security sandbox conflict when I Load atf by worker(flash player of Web browser)

Question

MainSwf:private function loadWorker():void{
		Security.allowInsecureDomain("*");
	Security.allowDomain("*");
	var workerLoader:URLLoader = new URLLoader();
	workerLoader.dataFormat = URLLoaderDataFormat.BINARY;
	workerLoader.addEventListener(Event.COMPLETE, loadComplete);
	workerLoader.load(new URLRequest("workerSwf.swf"));
}

private function loadComplete(event:Event):void
{
	// create the background worker
	var workerBytes:ByteArray = event.target.data as ByteArray;
	var worker:Worker = WorkerDomain.current.createWorker(workerBytes, true);
	
	// listen for worker state changes to know when the worker is running
	worker.addEventListener(Event.WORKER_STATE, workerStateHandler);
	//build
	mainToWorker = Worker.current.createMessageChannel(worker);
	workerToMain = worker.createMessageChannel(Worker.current);
	
	//init worker name
	worker.setSharedProperty("mainToWorker", mainToWorker);
	worker.setSharedProperty("workerToMain", workerToMain);
	
	workerToMain.addEventListener(Event.CHANNEL_MESSAGE, onWorkerToMain);
	
	worker.start();
}

private function workerStateHandler(e:Event):void{
	_workerInit = true;
	mainToWorker.send(1);
} workerSwf:private function init():void{
	Security.allowInsecureDomain("*");
	Security.allowDomain("*");
	//init worker by name
	mainToWorker = Worker.current.getSharedProperty("mainToWorker");
	workerToMain = Worker.current.getSharedProperty("workerToMain");
	//addEventListener
	mainToWorker.addEventListener(Event.CHANNEL_MESSAGE, onMainToWorker);
}

public function onMainToWorker(event:Event):void {
	//load atf
	var loader:URLLoader = new URLLoader();
	loader.dataFormat = URLLoaderDataFormat.BINARY;
	var r:URLRequest = new URLRequest("1.atf");
	
	loader.load(r);/////   throw Error:Security sandbox conflict
	//SecurityError: Error #2148:
			// SWF file file:///D:/A/bin-debug/boot.swf Local resources cannot be accessed file:///D:/A/bin-debug/1.atf。
	//The Local resources can be accessed by the SWF of File system and  trusted Local SWF.
			//at flash.net::URLStream/load()
			//at flash.net::URLLoader/load()
	//
	
	loader.addEventListener(Event.COMPLETE, onComp);
	loader.addEventListener(IOErrorEvent.IO_ERROR, onErr);
	function onComp(e:Event):void{
		var bytes:ByteArray = loader.data as ByteArray;
		bytes.shareable = true;
		workerToMain.send(bytes);
	}
	function onErr(e:IOErrorEvent):void{
		workerToMain.send(0);
	}
}

jeromiec83223024 · Answer

Loading files from the local filesystem is generally problematic. If we were building a browser plug-in from scratch, we wouldn't allow it at all.

If you can, you're better off doing local development with a local webserver instead of loading your content off the local filesystem. It *greatly* simplifies things, as you're not dealing with the local-with-filesystem/local-with-network considerations, and if you ever intend to publish the content to the web, you're building it with a whole different set of security considerations in effect. The local webserver will prevent you from that category of nasty surprise.

Anyway, that said, it might be related to the EnableInsecureLocalWithFilesystem directive here:

https://www.adobe.com/content/dam/acom/en/devnet/flashplayer/articles/flash_player_admin_guide/pdf/latest/flash_player_32_0_admin_guide.pdf

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded