Flash SecurityDomain, P2P settings and multiply swfs

Question

I have two swfs:

1. application swf
2. p2p client swf that allows to load data using rtmfp replication technology (through cirrus service)

The main idea is to have one p2p loader on the certain domain that will able to work in p2p network without asking many times for permission for each domain, so for instance:

• application 1 (http://domain1.com/app.swf) |
• application 2 (http://domain2.com/app.swf) | <--> p2p data loader (http://domainp2p.com/p2pcli.swf)
• application N (http://domainN.com/app.swf) |

The p2p client loads binary data by request, content really does not matter I believe.

So, I load p2pclient swf using following class (app.swf)

public class ClientLoader {

    // .. some code

    public function load(cb:Function, err:Function):void
    {
        _cb = cb;
        _err = err;

        var loader:Loader = new Loader();
        loader.contentLoaderInfo.addEventListener(Event.COMPLETE, _onLoaded);
        loader.contentLoaderInfo.addEventListener(IOErrorEvent.IO_ERROR, _onIoError);
        loader.contentLoaderInfo.addEventListener(SecurityErrorEvent.SECURITY_ERROR, _onSecurityError);
        // note that context has neither application domain nor security domain
        loader.load(new URLRequest(_url), new LoaderContext());
    }

    private function _onLoaded(e:Event):void
    {
        trace("Loaded. Connecting to the p2p network...");

        _client = e.target.content;
        _client.addEventListener(Event.CONNECT, _onClientReady);
        _client.connect();
    }

    private function _onClientReady(e:Event):void
    {
        _cb(_client);
    }

}
}

The p2pclient itself (p2pcli.swf):

public class P2P extends Sprite
{
    public function SqP2P() {
        Security.allowDomain("*");
    }

    public function connect():void
    {
        _connection = new NetConnection();
        _connection.addEventListener(NetStatusEvent.NET_STATUS, _netStatus);
        _connection.connect(CIRRUS_ADDRESS, CIRRUS_KEY);

        // after successful connect this method called
        _loadGroup();
    }

    private method _loadGroup():void
    {
        var spec:GroupSpecifier = new GroupSpecifier(_name);
        spec.serverChannelEnabled = true;
        spec.objectReplicationEnabled = true;

        _group = new NetGroup(connection, spec.groupspecWithAuthorizations());
        _group.addEventListener(NetStatusEvent.NET_STATUS, _netStatus);
    }

    private function _netStatus(event:NetStatusEvent):void
    {
        trace("NetStatusEvent:", event.info.code);
    }

}

But it looks like that Flash Player ignores the security session and is trying to save the pop-up settings for the domain that app.swf belongs to, but not for the p2pcli.swf domain. Why?!

I have absolutely same code, but p2pcli.swf replaced with swf that stores data in Local Shared Object and all the domain1-2-N.com has access to it.

Any ideas?

I know, my English is crap :(

Answer 1

I really am not totally sure, but I'll throw my answer out there in case it is helpful.

Based on the general purpose of such security messages, I'm not entirely sure you CAN keep that dialog from showing up. In some cases, I'm certain Peer Assisted Networking can be a security risk for some people (and anyway, it is using their bandwidth.) The settings for turning on and off that notification are user-side, in the Flash settings dialog (Control Panel in Windows 7...), thus that hints that it is inherently hardwired into the Flash platform.

Of course, since I'm more of an Adobe AIR specialist, I could be completely wrong...for your project's sake, I'm sincerely hoping I AM!

And, for the record, your English was almost perfect. I tweaked one paragraph for clarity, but otherwise, spot on. :D