did Flash 13.0.0.214 break navigateToUrl()?

Report · May 13, 2014

I have a flash enterprise app whose report windows suddenly no longer work after updating to 13.0.0.214.

We are using navigateToUrl() to send a POST whose HTML results would show in a new window.

Have there been any security updates related to that for this version of the player?

Report · May 13, 2014

It is indeed a new security restriction. This is the error that occurs when debugging:

Error #3769: Security sandbox violation: Cannot send HTTP headers when using navigateToUrl()

If we can post, why can't we set the headers? I use the headers to communicate the same session token.

Report · May 13, 2014

We can do POST requests, which is good. But since we cannot set the headers on navigateToUrl requests, we cannot do things like set the contentType header of that post, pass in security/session headers, etc.

This restriction breaks the normal workings of using POST with navigateToUrl(). It is an excessive change.

Report · May 13, 2014

I filed this Flash bug: Bug 3759971: Security error #3769 is too excessive, breaks navigateToUrl()

Report · May 15, 2014

This bug seems to be getting some traction, it is looking pretty critical for people. Could it's priority please be escalated.

Report · May 14, 2014

Hi, I have a same problem , approximately 200 costumers broken. And they use the software the every day so it is very urgency.

When will one be able to have an update?

There exists a program of rollback ?

Report · May 15, 2014

We had several hundred enterprise clients dead in the water because of this.

We can't even wait for a fix and getting people to downgrade is not practical.

As a workaround, we removed the headers sent with navigateToURL and

changed the payload (a multi-form binary) to be encoded into a single string,

with corresponding changes to decode it on the server side script.

Not pretty, but it works as a temporary fix.

Report · May 15, 2014

Wish I was able to find this post earlier...

I'm finding the exact same thing. I made a post two days after yours, Site functionality broken after newest Player update

My stuff also uses navigateToUrl().

I've got just over 100,000 users potentially being affected by this, and the number seems to be growing. I'm being overwhelmed with user complaints 😕

Report · May 16, 2014

vote for the bug: Bug 3759971: Security error #3769 is too excessive, breaks navigateToUrl()

Report · May 19, 2014

Dear all,

We also had this problem on production with a a lot of annoying calls.

Since our application doesn't depend on headers, I've stripped out all the headers from the array.

<code>

var myRequest:URLRequest = new URLRequest (url );

//Here I don't know how many headers are sent, so we remove all the headers.

while(myRequest.requestHeaders.length>0){

myRequest.requestHeaders.pop();

}

</code>

I can confirm this worked on our clients with Chrome/Firefox/Safari Mac and Windows.

The Flash version is the last (and troublesome one) : 13.0.0.214

Best Regards,

Ricardo Seixas

Report · May 21, 2014

My application also uses SWF (AlivePDF )+ Java Servlet to generate PDF/PPT and it was for flash version 13.0.0.6 and not working for 13.0.0.213/214

with below changes i made it work for Flash version 13.0.0.213/214

Flex Change:

Comment the this line :

myPDF.save(Method.REMOTE, "https://myserver.com:8443/pdfService/Weekly_Report?download="+reportType, "Report.pdf");

and add below code to post the pdf data to servlet

var bytesTemp : ByteArray = myPDF.save(Method.LOCAL);

var sendRequest:URLRequest =null;

if(reportType=="ppt"){

sendRequest=new URLRequest("http://myserver:8080/pdfService/GeneratePPT");

}else{

sendRequest=new URLRequest("http://myserver:8080/pdfService/GeneratePDF");

}

sendRequest.method = URLRequestMethod.POST;

sendRequest.data = bytesTemp;

navigateToURL(sendRequest,'_blank');

Java Servlet Code to get generate the PDF:

ServletInputStream si =null;

ServletOutputStream stream = null;

int i = 0;

int k = 0;

int maxLength = request.getContentLength();

byte[] bytes = new byte[maxLength];

si = request.getInputStream();

try{

while (true)

{

k = si.read(bytes,i,maxLength);

i += k;

if (k <= 0)

break;

}

if (bytes != null){

stream = response.getOutputStream();

response.setContentType("application/pdf");

response.setContentLength(bytes.length);

response.setHeader("Content-disposition","inline; filename=scroReport.pdf" );

stream.write(bytes);

stream.flush();

// stream.close();

}

}catch(Exception ex){

// ex.printStackTrace();

}finally {

try{

if (si != null) {

si.close();

}

if (stream != null) {

stream.close();

}

}catch(IOException ex){

}

following code is tested with IE 8/9 , Flash Version 13.0.0.213/214

Report · Oct 10, 2014

is this issue resolved in any heigher version of flash flayer, please respond.

Report · Oct 16, 2014

No. This is not a bug. It was an intentional security-related change. We will not be reverting to the previous behavior, sorry.