If the AS is required to preview then the preview won’t work. But if you load the SWF from a different subdomain it will load into its own sandbox where the AS can do less damage, although some SWFs cannot run in a sandbox.
Thanks,but have't other easier methods? I want to save the swf file in server-side after previewing it.
You can try allowCodeImport, but again, if the SWF needs to run code, it might still fail.
I've met the same problem.
If a local swf file is written to byte array by FileReference and assign the byte array to SWFLoader' source,
loaded swf runs at same sandbox as the main application.
So loaded swf can access main application' resource.That is a security risk.
Why locally loaded swf can access remotly loaded main application's resource?
Again, you can use allowCodeImport to block running script in the child.
Did you run your test from http:// The security rules are tighter there, and the loaded SWF should be calling from the main apps domain. It is my understanding that you’ve effectively done a WGET.