4 Replies Latest reply on Jul 6, 2010 3:46 AM by DavidSuix

    loadPolicyFile blocked in AS2 swf file but works in AS3

    DavidSuix

      Hello,

       

      I'm stuck with a network access issue here for the last 5 days and i need some external help...

       

      The situation is this:

      • I have 2 identical swf file just calling System.security.loadPolicyFile("xmlsocket://localhost:843"); and trying to open a socket. One is written in AS2, the other one in AS3. They're both used as local files in exactly the same way.
      • a socket policy file is up and running on port 843 (it's working, tested...)
      • both AS2 and AS3 files work in Test movie mode, they reach the socket policy file and communicate via the socket
      • when exported to swf and tested on browser, AS3 file works perfectly on any version of Flash Player (9.0.45, 9.0.115 and 10.0.1) : socket policy file is called and validated, the socket connection is established.
      • the problem is: the AS2 file won't access the network on Flash Player 9.0.115 and above; it even seems not to try to access the socket policy file. It is working on previous FP versions.

       

      There seems to be some configuration somewhere preventing the AS2 file to access the network, but allowing the AS3 file to access the network, all things beeing equal.

       

      I've tried many options for this AS2 file:

      • it's published with network access
      • i've tried to place it as local trusted and not local trusted
      • i've tried to call it from an html file with allownetworking="all"
      • i've tried to publish it for flash player 7, 8, 9 and 10
      • user settings for Flash Player is set to be very permissive and allow everything.

       

      the weird thing is that the AS3 version works.

       

      Does anyone have an idea to help me on that?

       

      Thank you,


      David.

        • 2. Re: loadPolicyFile blocked in AS2 swf file but works in AS3
          DavidSuix Level 1

          Thank you for your fast answer. That was already done...

           

          Indeed I managed to have it work this morning, but only by untrusting the file. It won't work when i allow the as2 swf to cross sandboxes. Do you have any idea why this is so?

           

          It's working the other way round with the as3 swf file: it won't work if i untrust the file, and will work if i place it as trusted in the user security settings.

           

          Thank you,

           

          David.

          • 3. Re: loadPolicyFile blocked in AS2 swf file but works in AS3
            kglad Adobe Community Professional & MVP

            that doesn't make sense.

            • 4. Re: loadPolicyFile blocked in AS2 swf file but works in AS3
              DavidSuix Level 1

              Hello Kglad,

               

              thank you for your email, i've taken some time to answer because i find it too that it doesn't make sense. I really do have a very weird behavior here in AS2 when using XMLsockets.

               

              It has to do with security policy and what's weird is that the same code is working the other way round between AS2 and AS3.

               

              The precise situation is this:

              • I have a socket police file served on port 843
              • The code I use is(both in AS2 and AS3) is this (very simple to eliminate all other possible problems) :
                • var socket:XMLSocket;
                  socket = new XMLSocket();
                  socket.connect("127.0.0.1", 23448);
                  socket.send("do something");
              • I'm using CS4 and Flash Player 10.0.2 with Firefox to test the whole thing
              • I've tested the behavior in test movie mode, in projector file, in global flash player trusted local file, in local with network and in local with file access

               

              In ActionScript 3, I get the following behaviors :

               

              Environment of test
              Results of the test
              Test Movie

              Socket access : yes

              Policy file access : no

              SWF file in global flash player trust sandbox

              Socket access : yes

              Policy file access : no
              SWF file in local with network sandbox

              Socket access : no

              Policy file access : yes
              Projector

              Socket access : yes

              Policy file access : no

               

              From all the security documentation i've read, those behaviors make sense: access to the socket policy file is only needed when the file is not trusted, and i've got socket access when the file is trusted (i'm not sure for now why i don't get access in the SWF file in local with network sandbox, if you have any idea here, that would help...)

               

              In ActionScript 2, I get the complete opposite behaviors :

               

              Environment of test
              Results of the test
              Test Movie

              Socket access : no

              Policy file access : no

              SWF file in global flash trust sandbox

              Socket access : no

              Policy file access : no
              SWF file in local with network sandbox

              Socket access : yes

              Policy file access : yes
              Projector

              Socket access : no

              Policy file access : no

               

              I have really no idea of what is going on here. I've read that AVM1 and AVM2 virtual machines have slight differences regarding the security rules, and in AS2, it seems to me that socket access won't work when the file is locally trusted.

               

              I hope this is clear enough to make sense for you.

               

              Do you have any idea of what is going on here? Are security rules made to run only for AS3 code and to block AS2 code?

               

              Thank you very much for your help,


              David.