The following tech note outlines basic security restrictions associated with the Flash player.
When a SWF is being played on a users hard drive (including from a CD or other local drive), either from the standalone player or through a browser or web page loading the SWF from a local folder on your machine (projectors or other executables are not affected), by default the Flash player is only allowed to access either local content (C:\ etc.) or internet or network content (http:// etc.).
When accessing local content, this is known as the local-with-filesystem sandbox. When accessing network content, this is known as the local-with-networking sandbox.
The only way a SWF file can access both local content and network content and be in what is known as the local-trusted sandbox is if it is given explicit permission to do so. This includes:
Flash developers simply do not have enough control over permissions to ensure a local-trusted sandbox (allowing access to both the local file system and the network).
When publishing a SWF, Flash developers can decide between with-filesystem and with-networking capabilities in the Flash tab of a FLA's Publish Settings.
For Flex 2, this is done using the
argument where a value of
true represents local-with-networking and
false represents local-with-filesystem.
Note: A SWF with a sandbox of local-with-filesystem is not allowed to load a SWF with a sandbox of local-with-networking, nor the other way around.
How do I let local Flash content communicate with the Internet? [4c093f20]
For non-local playback, when a SWF is running from the internet or on the network from a server (remote sandbox), security restrictions apply to SWFs on different domains. A SWF in a remote sandbox can never access local files.
Restrictions for content are in place for accessing data (via ActionScript)
of content from different domains. Any non-data content such as SWFs, bitmaps,
audio, and video can be loaded and played or displayed within the Flash player
without restriction. Obtaining access to data from that content such as
ActionScript variables and methods, pixel information (from
BitmapData.draw()), or sound information (from
Sound.computeSpectrum()) or loading data stored in text or XML
files is restricted.
For ActionScript cross-scripting, the
allowDomain() (AS2, AS3)
command is used to allow one SWF from another domain access ActionScript
properties and methods within the current SWF.
Loading data across domains
System.security.allowDomain() in ActionScript 2
Security.allowDomain() in ActionScript 3
For non-SWF content, a cross-domain policy file is used. For bitmaps, audio, and video content, the cross-domain policy file is only needed to access the content's data via ActionScript. These files will otherwise be able to load into the Flash player without problems. For XML and other text files which are considered to be entirely data, the cross-domain policy file is required to load the file.
External data not accessible
outside an Adobe Flash movie's domain [tn_14213]
Accessing loaded media as data (ActionScript 3.0)
For a more complete description of the Flash Player 9 security model, read the Flash Player 9 security white paper. Additional information regarding security can be found by visiting the Flash Player security and privacy page.
Changes made to Flash player security by release can be found here: