39 ADOBE FLEX 3
Building and Deploying Adobe Flex 3 Applications
Loading assets
The most common task that developers perform that requires an understanding of security is loading external
assets.
Data compared to content
The Flash Player security model makes a distinction between loading content and accessing or loading data.
Content is defined as media: visual media that Flash Player can display, such as audio, video, or a SWF file that
includes displayed media. Data is defined as something that you can manipulate only with ActionScript code.
You can load data in one of two ways: by extracting data from loaded media content, or by directly loading data
from an external file (such as an XML file) or socket connection. You can extract data from loaded media by using
the BitmapData.draw() method, the Sound.id3 property, or the SoundMixer.computeSpectrum() method.
You can load data by using classes such as the SWFLoader, URLStream, URLLoader, Socket, and XMLSocket
classes.
The Flash Player security model defines different rules for loading content and accessing data. Loading content
has fewer restrictions than accessing data. In general, content such as SWF files, bitmaps, MP3 files, and videos
can be loaded from anywhere, but if the content is from a domain other than that of the loading SWF file, it will
be partitioned in a separate security sandbox.
Loading remote assets
Loading remote or network assets relies on three factors:
• Type of asset. If the target asset is a content asset, such as an image file, you do not need any specific
permissions from the target domain to load its assets into your Flex application. If the target asset is a data asset, such as
an XML file, you must have the target domain’s permission to access this asset. For more information on the types
of assets, see “Data compared to content” on page 39.
• Target domain. If you are loading data assets from a different domain, the target domain must provide a
crossdomain.xml policy file. This file contains a list of URLs and URL patterns that it allows access from. The calling
domain must match one of the URLs or URL patterns in that list. For more information about the
crossdomain.xml file, see “Using cross-domain policy files” on page 40. If the target asset is a SWF file, you can also
provide permissions by calling the loadPolicyFile() method and loading an alternative policy file inside that
target SWF file. For more information, see “Using cross-domain policy files” on page 40.
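The following added example, which is not from the Adobe documentation, parses a crossdomain.xml policy, checks whether a calling domain matches one of its entries, and reports entries that grant data access more broadly than a single named host. The policy contents, host names, and the simplified matching rules (`*` for any domain, `*.suffix` for subdomains, otherwise an exact match) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy, as a target domain might serve it at /crossdomain.xml.
SAMPLE_POLICY = """<cross-domain-policy>
  <allow-access-from domain="app.example.org"/>
  <allow-access-from domain="*.partner.example"/>
</cross-domain-policy>"""

# Constructed policy that opens data access to every calling domain.
OPEN_POLICY = """<cross-domain-policy>
  <allow-access-from domain="*"/>
</cross-domain-policy>"""


def allowed_patterns(policy_xml):
    """Return the domain patterns from the policy's allow-access-from entries."""
    root = ET.fromstring(policy_xml)
    if root.tag != "cross-domain-policy":
        raise ValueError("not a cross-domain policy file")
    return [e.get("domain", "").strip().lower()
            for e in root.iter("allow-access-from")]


def pattern_matches(pattern, host):
    """Simplified matching (assumption): '*' is any host, '*.x' is a subdomain of x."""
    host = host.lower()
    if pattern == "*":
        return True
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])  # keeps the leading dot of the suffix
    return pattern != "" and host == pattern


def is_permitted(policy_xml, calling_host):
    """True if the calling domain matches at least one entry in the policy."""
    return any(pattern_matches(p, calling_host)
               for p in allowed_patterns(policy_xml))


def audit(policy_xml):
    """List entries that grant data access more broadly than one named host."""
    findings = []
    for p in allowed_patterns(policy_xml):
        if p == "*":
            findings.append("any domain may read data from this host")
        elif p.startswith("*."):
            findings.append("every subdomain of %s may read data" % p[2:])
    return findings
```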










