Shulou(Shulou.com)06/02 Report--

This article will explain in detail how Flex solves the problem of security sandbox. The editor thinks it is very practical, so I share it with you as a reference. I hope you can get something after reading this article.

Cross-domain file reading

Method 1: deploy the crossdomain.xml file on the target server (this method I use is very useful, so it's no problem to put it on). You need to define the remote service root directory with a crossdomain.xml file, as follows:

Method 2: use an agent to read the remote files to be accessed by Flex locally through scripts such as asp,php,jsp, and then access them by Flex

Method 3: after opening the program using Adobeflashplayer9, click File-> create a player in the menu bar. The exe file is generated, and the security limit can be broken by running the exe file.

Method 4:

1. Find this folder: C:\ DocumentsandSettings\\ ApplicationData\ Macromedia\ FlashPlayer\ # Security

2. Create a folder called "FlashPlayerTrust" under it

3. Create a new TXT file under the "FlashPlayerTrust" folder as follows: C:\ d:\ e:\ f:\

4. Name the txt file "myTrustFiles.cfg" and then open the SWF file on your hard drive, and the annoying security settings prompt window will not appear!

Method 5: use HttpService it has Proxy by default, need to configure flex-config.xml, there is a paragraph: …

This is a whitelist and is generally commented out, that is, only local http://{localserver}/* and https://{localserver}/* can be accessed by default. Others need to be modified to what they need in flex-config.xml.

Naturally, visiting the local area will not cross-domain, but you must have access to other machines in the local area network, so it belongs to cross-domain according to the whitelist rule.

Socket sandbox problem

When using Socket to communicate in the Flex security sandbox, it will also be troubled by the new security policy of Flash9. The solution is not like placing a crossdomain.xml in the Web server, or opening port 843 on the server to provide security policy. One way is to send a security policy to a client after receiving a connection.

For example, I am using JAVA to develop. The Flex of the client will first search the same domain and the 843 ports of the server to see if the security policy can be obtained. At this time, the Socket is established first, and the policy string can be sent to it as soon as the Socket is received, that is, when the Accept event occurs, otherwise the client will be disconnected because the security policy fails. If the policy is successfully obtained, the client will disconnect the previous Socket. Then really carry out the Socket connection request you requested in the program.

This is the end of the article on "how to solve the security sandbox problem in Flex". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.