从 file:///运行 SWF，而无需用户更改其 Flash Player 安全设置 [英] Running a SWF from file:/// without having the user change their Flash Player security settings

问题描述

我有一个 Flex 应用程序，它处理大量的网络流量，它使用 ExternalInterface 进行一些 javascript 调用(用于 SCORM)，它加载 XML 文件、图像、视频、音频，并且它有一系列模块可以正在加载中...

所以问题是 - 我们现在有一个要求，即用户需要在未连接到 Internet 的机器上本地运行此内容(这意味着他们无法连接到 Adob​​e 的站点以更改其安全设置.)可以想象，当用户双击 html 页面来启动这个东西时，他们会收到一个安全警告，表明 swf 正在尝试与它所在的域之外的另一个域进行通信.我们无法将它包装起来一个 exe 或一个 AIR 应用程序，所以我除非有某种方法来调整我们可能会被灌输的一些晦涩的安全设置.有什么想法吗?

解决方案

您尝试做的正是 AIR 解决的问题.你真的应该试一试，它并不难上手.如果你真的不会使用AIR(你没有说明原因，所以我假设只是因为你不想学习一个新系统)，那么修改安全配置文件就可以解决问题.

基本上您需要做的是在Global FlashPlayerTrust"目录中创建一个信任"文件.这可以由您的安装程序完成(将所有 javascript、SWF、html 等文件安装到本地计算机上).如果目录不存在，您应该创建该目录.每个操作系统的目录是:

• Windows - %WINDIR%\System32\Macromed\Flash\FlashPlayerTrust
• Mac -/Library/Application Support/Macromedia/FlashPlayerTrust
• Linux -/etc/adobe/FlashPlayerTrust

接下来，您需要创建信任文件.您可以将其命名为任何名称，因此请选择一个不太可能与其他名称冲突的唯一名称.类似于 CompanyName.cfg 的东西.这是一个文本文件，每行一个路径.您可以一次信任一个 SWF，也可以信任整个目录.示例:

C:\Program Files\MyCompany\CoolAppC:\Program Files\MyCompany\OtherApp\Main.swf

要测试它是否正常工作，您可以在 Flash 电影中检查 System.security.sandboxType(ActionScript 1 或 2)或 Security.sandboxType(ActionScript 3).它的值应该是localTrusted"

I have a Flex app that does a a fair amount of network traffic, it uses ExternalInterface to make some javascript calls (for SCORM), it loads XML files, images, video, audio and it has a series of modules that it could be loading at some point...

So the problem is - we now have a requirement where the user needs to run this content locally on a machine that is not connected to the internet (which means they can't connect to Adobe's site to change their security settings.) As you can imagine, when the user doubles clicks on the html page to launch this thing, they are greeted with a security warning that the swf is trying to communicate with another domain other than the one it's in. We can't wrap it in an exe or an AIR app so I unless there is some way to tweak some obscure security settings we may be hosed. Any idea's?

解决方案

What you are trying to do is exactly the problem solved by AIR. You should really give it a try, it's not that hard to pick up. If you really really can't use AIR (you didn't specify why, so I assume it's just because you don't want to have to learn a new system), then modifying the security config file will solve the problem.

Basically what you need to do is create a 'trust' file in the "Global FlashPlayerTrust" directory. This can be done by your installer (which installs all the javascript, SWF, html, etc files onto the local machine). You should create the directory if it does not exist. The directory for each OS is:

• Windows - %WINDIR%\System32\Macromed\Flash\FlashPlayerTrust
• Mac - /Library/Application Support/Macromedia/FlashPlayerTrust
• Linux - /etc/adobe/FlashPlayerTrust

Next, you need to create the trust file. You can name it anything, so pick a unique name that would be unlikely to conflict with others. Something like CompanyName.cfg. It's a text file, with one path per line. You can trust either one SWF at a time, or an entire directory. Example:

C:\Program Files\MyCompany\CoolApp
C:\Program Files\MyCompany\OtherApp\Main.swf

To test that it's working, inside your flash movie you can check System.security.sandboxType (ActionScript 1 or 2), or Security.sandboxType (ActionScript 3). It should have the value of "localTrusted"

这篇关于从 file:///运行 SWF，而无需用户更改其 Flash Player 安全设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！