Just to clarify, if the subapplications are loaded from the web everything works fine, but if they are stored locally the problem appear.
Do you need this to work off-line? Otherwise the apps should be built to
load the RSLs off the web.
Hey thanks for the interest shown,
Unfortunately this has to work offline(sorry that I did not mentioned this). So the RSL need to be loaded from the local filesystem. In the
best scenario the same subapplications swf would be used from server too, and then it will need the RSLs from the server. But if it
can't be done, only the first part is also enogh(local swf with local RSLs).
Do you have control over the install? If you set up trust files, it should
I really don't get this. Do you mean to install the subapplications with the main app? I am really not sure what you mean, so
I will really appreciate if you get in some details here.
Unfortunately I am aiming for free scenario, where the swf are on server and the clients has two options: to download
the SWFs and the RSLs and then to load the local subapplication even without connection. Or to load them remotely and let
them load the RSLs remotely too. So install time I don't really know neither the subapplications neither the RSLs wich they will need.
You can read more about security on the adobe site. Look for the Security
WhitePaper for the various player versions. Especially the part about trust
If you have some way to get the subapp SWFs installed on the users computer,
you have an opportunity to adjust the trust files.
There is a lot of documentation on the topic including the "Flex Marschall Plan" and a post in blog(probably yours?). The problem is that the solution on the problem is to set trustContent to true for the SFWLoader(which will load the content in the same SecurityDomain). But it is not an option in an AIR application. So I am not sure, if I am not looking the right sources, if the feature is not fully documented or it is just impossible with the current version of the platform.
RSLs have to be of the same version as the app, so Marshall Plan stuff
doesn't apply. The Security WhitePapers talk about trust files, which get
around some of the SecurityDomain issues.
Is there any way to reliably edit the trust files with AIR application?
As I see it we have to make the user to add our folder to the trusted locations, or to use some application which can find and write in the FlashPlayerTrust (native for the specific OS installer for example.). (even finding this directory with an AIR application seems not 100% reliable).
Thanks in advance for you help.
Ps: Right now I am trying to patch this.
I compiled some sub-applications using custom preloader class(the controlling class, not the UI), where I removed the RSL loading. After that in an ApplicationDomain I load all the RSLs with loaders. After that I load the sub-application in the same domain. On paper this should work, but the sub-application can't find the classes from the RSLs(the first exeption is that there is no definition for spark.components.Application)
I think you'd have to use the NativeProcess API to run some custom code to
deliver the environment variables you'd need to set up the trust files.
Depending on which RSLs you are loading, you can't delay their loading. As
you have seen, the App can't even startup without loading the RSL containing
the Application class.
Actually in the last scenario I am kinda preloading them, not delaying them . I will try the native process api. Thanks a lot.