There are also changes in the security rules that determine whether one SWF file can access another SWF file and how external data can be loaded. When Flash Player 7 is running inside a browser over HTTP, domains must be identical for data transfer to succeed. Even a sub-domain can no longer read data from a parent domain and vice versa. So, for example, http://myServer.myDomain.com cannot exchange data with http://www.myDomain.com . One way to overcome this restriction is to create a small XML file called a cross-domain policy file (and named crossdomain.xml ) on the machine providing the data. crossDomainPolicyFiles.htm on the CD accompanying this book contains a link to information on cross-domain policy files, including a link to the Macromedia tech note discussing this issue. There is also a new restriction that prevents an SWF file that is loaded using nonsecure (non-HTTPS) protocols from accessing content that is loaded using a secure (HTTPS) protocol, even when both are in exactly the same domain. For more on these security issues, see Chapter 22, "External Communications," page 617 , Chapter 23, "Using Flash for Dynamic Data," page 661 , and security2004.htm on the CD accompanying this book. |