1 Reply Latest reply on Dec 26, 2008 11:20 AM by yoav@cyteam.com

    Security sandbox violation: BitmapData.draw()  from video

      Video files on amazon’s S3 service.
      Each S3 bucket (folder/URL) that contains videos also have a crossdomain.xml policy file.
      My backend server runs MySQL dB and data-services that communicate with the Flash/Flex client and are deployed on another host/server environment.

      The SWF file is also served from that “domain” ( where the Data-Services and Db are deployed).

      The application in general does a variety of virtual editing and manipulations of video & media content within the context of Media projects.

      Now at some module I take a BitImage snapshots of videos by using BitmapData.draw() using the video (flash.media.Video instance ) as the source for the draw .

      All is well when I’m running/debugging locally ( e.g. the SWF is served within the Flex builder environment) However, when I deploy I get a “Security sandbox violation” error.
      The specifically:
      SecurityError: Error #2122: Security sandbox violation: BitmapData.draw: http://<host URL>/AppWrapper.swf cannot access http://<amazon S3 url>/<video filename>.flv. A policy file is required, but the checkPolicyFile flag was not set when this media was loaded.
      at flash.display::BitmapData/draw()
      at as_classes::FlxVideo/takeSnapshot()
      at components.popups::NewFootagePopup/takeImage()
      at components.popups::NewFootagePopup/__imageButton_click()
      From reading and Googling around I understand that I need to create a LoaderContext, set its loaderContext.checkPolicyFile = true; and attach it to the Loader object that loads the video.
      However, I can’t find any relevant objects that I can associate it with e.g.:

      flash.media.Video doesn’t have a loader object
      the Netsream object (flash.net.NetStream) which actually does the “playing” doesn’t have one and neither the flash.net.NetConnection object which is also involved.

      I tried variety of other security related setting such as allowDomain(..) and the like but for no avail.

      I appreciate anyone with relevant ideas/hints/pointers



        • 1. Re: Security sandbox violation: BitmapData.draw()  from video
          yoav@cyteam.com Level 1
          Problem solved. (me bad)
          NetStream class does have a checkPolicyFile property !!
          set it to true and all is well !
          ( the docs specifically state:
          Set this property to true when you are loading a video file from outside the calling SWF file's domain and you need to use the BitmapData.draw() method for pixel-level access to the video. If you call BitmapData.draw() without setting the checkPolicyFile property to true at loading time, you may get a SecurityError exception because the required policy file was not downloaded.)