1 Reply Latest reply on Mar 21, 2012 7:02 AM by Dmitry Shirokov

    SecurityDomain/Settings bug?

    Dmitry Shirokov

      Hello all!

       

      I've encountered a strange situation, when googling does not help at all. :/

      So, I have two swfs, app.swf and p2p.swf.

      The app.swf is on the domain-app.com.

      The p2p.swf is on the domain-p2p.com.

       

      The app.swf loads the second one using the following code:

       

      public class App {

         
      // .. some code

         
      public function load(cb:Function, err:Function):void
         
      {
              _cb
      = cb;
              _err
      = err;

             
      var loader:Loader = new Loader();
              loader
      .contentLoaderInfo.addEventListener(Event.COMPLETE, _onLoaded);
              loader
      .contentLoaderInfo.addEventListener(IOErrorEvent.IO_ERROR, _onIoError);
              loader
      .contentLoaderInfo.addEventListener(SecurityErrorEvent.SECURITY_ERROR, _onSecurityError);
             
      // note that context has neither application domain nor security domain
              loader
      .load(new URLRequest(_url), new LoaderContext());
         
      }

         
      private function _onLoaded(e:Event):void
         
      {
              trace
      ("Loaded. Connecting to the p2p network...");

              _client
      = e.target.content;
              _client
      .addEventListener(Event.CONNECT, _onClientReady);
              _client
      .connect();
         
      }

         
      private function _onClientReady(e:Event):void
         
      {
              _cb
      (_client);
         
      }

       

          // .. some code

      }
      }

       

      So, p2p.swf should not be executed from the same security/application domain as app.swf.

       

      In the p2p.swf i have the main class, which allows access from any domain:

       

      public class P2P extends Sprite
      {
         
      public function SqP2P() {
             
      Security.allowDomain("*");
         
      }

         
      public function connect():void
          {

                // pops out LSO settings window
               var lso:SharedObject = SharedObject.getLocal("dummy", "/", false);

               lso.data["foo"] = "bar";

               lso.flush(100*1024*1024);


               _connection = new NetConnection();
              _connection
      .addEventListener(NetStatusEvent.NET_STATUS, _netStatus);
              _connection
      .connect(CIRRUS_ADDRESS, CIRRUS_KEY);

             

         
      }

         
      private method _loadGroup():void
         
      {
             
      var spec:GroupSpecifier = new GroupSpecifier(_name);
              spec
      .serverChannelEnabled = true;
              spec
      .objectReplicationEnabled = true;

               

              // pops out the p2p settings window
              _group
      = new NetGroup(connection, spec.groupspecWithAuthorizations());
              _group
      .addEventListener(NetStatusEvent.NET_STATUS, _netStatus);
         
      }

         
      private function _netStatus(event:NetStatusEvent):void
         
      {
              trace
      ("NetStatusEvent:", event.info.code)

              if (event.info.code == "NetConnection.Connect.Success") {

                  _loadGroup();

              }


               // other code
         
      }

      }

       

      Now, when I call


      _client.connect();

       

      I have a settings box with P2P settings, but there instead of the domain-p2p.com i see domain-app.com. Why?!!

      The reason why I have some concerns is that I have approximately same architecture with LSO cache that behave correctly.

       

      https://img.skitch.com/20120319-dukyer7e5jsjsjyqtwmimg4wpb.png

       

      Any ideas?

       

      The settings box with local storage permission:

      https://img.skitch.com/20120320-ftxdn3xh584udnt5gx497q1yw5.png

      So here it is working perfectly.

       

      Excuse me for my poor English.