An XML policy file contains a single tag, which in turn contains zero or more tags. Each tag contains one attribute, domain, which specifies either an exact IP address, an exact domain, or a wildcard domain (any domain). Wildcard domains are indicated by either a single asterisk (*), which matches all domains and all IP addresses, or an asterisk followed by a suffix, which matches only those domains that end with the specified suffix. Suffixes must begin with a dot. However, wildcard domains with suffixes can match domains that consist of only the suffix without the leading dot. For example, foo.com is considered to be part of *.foo.com. Wildcards are not allowed in IP domain specifications. If you specify an IP address, access will be granted only to SWF files loaded from that IP address using IP syntax (for example, http://65.57.83.12/flashmovie.swf), not those loaded using domain-name syntax. Flash Player does not perform DNS resolution. Here is an example policy file that permits access to Flash documents that originate from foo.com, friendOfFoo.com, *.foo.com, and 105.216.0.40, from a Flash document on foo.com: A policy file that contains no tags has the same effect as not having a policy on a server. About compatibility with previous Flash Player security models As a result of the security feature changes in Flash Player (see Flash Player security features on page 188), content that runs properly in Flash Player 6 or earlier may not run properly in Flash Player 7 or later. For example, in Flash Player 6, a SWF file that resides in www.macromedia.com could access data on a server located at data.macromedia.com. That is, Flash Player 6 allowed a SWF file from one domain to load data from a similar domain. In Flash Player 7 and later, if a version 6 (or earlier) SWF file attempts to load data from a server that resides in another domain, and that server doesn t provide a policy file that allows access from that SWF file s domain, then the Macromedia Flash Player Settings dialog box appears. The dialog box asks the user to allow or deny the cross-domain data access. If the user clicks Allow, the SWF file is permitted to access the requested data; if the user clicks Deny, the SWF file is not allowed to access the requested data. To prevent this dialog box from appearing, create a security policy file on the server providing the data. For more information, see About allowing cross-domain data loading on page 190. Flash Player security features 191
Note: If you are looking for cheap and reliable webhost to host and run your mysql application check mysql web server services.
This entry was posted
on Wednesday, October 31st, 2007 at 9:24 am and is filed under Coldfusion.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.