Archive for September, 2008
Cross-domain classes in ActionScript 2.0
Yes, you are right that we still live in a world with ActionScript 2.0 somewhere.
As described by
Adobe
, content loaded from different domains belong to different sandboxes, and you can make them communicate to each other by calling System.security.allowDomain(”*”).
However, this only permits you calling methods in the swf from the other domain, not the class definitions. In order to create an instance of a class from the other domain, you have to:
// http://domain1/a.swf _global["Tier"] = _root._parent.GetClassTier(); var t = new Tier();
and
// http://domain2/b.swf
class Tier {
//...
}
function GetClassTier() {
return _global.Tier;
}
Ok, now you are able to create a cross-domain instances. Then what about extending from a cross-domain class? The key is letting b.swf to load from a “proxy” class.
// http://domain3/c.swf
class Hund extends Tier {
//...
}
and
// http://domain3/c_proxy.swf _global["Tier"] = mc._parent.GetClassTier(); // call MovieClipLoader to load c.swf here
The reason you must have a proxy is bc AVM1 executes class definition in initClip stage when the loadee MovieClip is not available yet to access the loader MovieClip. If you try to extend from a class which was not in _global yet, it will never get a proper super value.
It’s ugly that you have to do such hack, while not so bad ‘cz you’re survived!
Cross-domain bug inside ActionScript 2.0
I believe it’s a bug: you turned off security check, it still tells you there’s a security violation when two swf read varibles from each other in certain way; however you end up finding that’s only a warning, you can still do it as is.
a.fla:
import System.security;
System.security.allowDomain("*");
function onLoadInit( mc:MovieClip ){
mc.test({test:"test"});
}
mcl = new MovieClipLoader();
mcl.addListener( this );
mcl.loadClip( "http://127.0.0.1/b.swf?"+Math.random(),
this.createEmptyMovieClip( "_container", this.getNextHighestDepth() ) );
b.fla:
import System.security;
System.security.allowDomain("*");
function test(o) {
trace("test func");
for(var i in o) { // violation happen here before any trace() below
trace(i);
}
}
Type http://localhost/a.swf, now you’ll get the buggy dump in log.In fact, there are an other couple of way to reproduce this, such as read/write an undefined member in a cross-domain object.