Opening local sockets is by default prohibited in the Flash Player. This actually makes a lot of sense. You wouldn’t want any website you visit being able to open a socket on your machine. However, there are some times when you actually need this.
Such times are when you want to access a Wiimote through WiiFlash, when you want to access an Arduino through SerialProxy/TinkerProxy or when you want to send MIDI data through flosc (link down). How can we tell the Flash Player to relax instead of giving us the dreaded “SecurityError: Error #2010” or the evil “Security Sandbox Violation” ? Read on.
The classic scenario is this : you have been working on a Flash project involving opening local sockets. You are compiling it in the Flash IDE and everything works smoothly. Then you try to run the .swf file directly (or you try to debug it in the Flash IDE) and it just does not work. What gives ?
Well, when you compile in the Flash IDE, the security sandbox issues are being ignored. They are ignored but only for one single execution following compilation. This means that when you compile from the Flash IDE you can do pretty much as you please… once. However, when you run a .swf file directly it launches in Flash Player and the security policies are being enforced. You can no longer freely open sockets. What can be done ? There are several ways you can overcome this issue.
1. Modify the Flash Player Security settings
The first thing you can do is change Flash Player’s security settings. This is pretty easy but it is done in the weirdest fashion. To change the Flash Player security settings you need… an internet connection. What ?! Yep. Here’s how it goes. Launch you SWF file, right-click the scene and select Settings.
Then select Advanced.
This will take you to Macromedia’s err…
Adobe’s Flash Player Settings Manager page (orphaned link). On this page there will be a Flash movie whose sole mission is to let you adjust various settings. Simply add a file, folder or whole drive to the authorized list and you are good to go.
But wait, what if I do not have internet access ? I guess this is impossible to Adobe engineers… To be honest, they did implement other ways to achieve the same result. The first one is to simply compile your project as a projector.
2. Compile as a projector
When compiled as a projector, your Flash movie will ignore the security sandbox and let you access local sockets. That might be the easiest solution for most scenarios. In the Flash IDE, you simply go the File menu and then to Publish Settings. In there, tick the Projection Windows or Projection Mac checkbox and compile your movie. This will generate a .exe (Windows) file or a .app (Mac) file that you can execute simply by double-clicking it.
3. Authorize the file through the FlashPlayerTrust folder
If the above does not work for you, you can also authorize your swf file through the FlashPlayerTrust folder. Depending on your platform, you can find this folder at the following locations :
- C:\windows\system32\Macromed\Flash\FlashPlayerTrust (for all users)
- C:\Documents and Settings\john\Application Data\Macromedia\Flash Player\#Security\FlashPlayerTrust (for a single user)
- /Library/Application Support/Macromedia/FlashPlayerTrust (for all users)
- /Users/john/Library/Preferences/Macromedia/Flash Player/#Security/FlashPlayerTrust (for a single user)
- /etc/adobe/FlashPlayerTrust (for all users)
- /home/john/adobe/FlashPlayerTrust (for a single user)
What you need to do is create a new text file and save it to this folder. Your text file can be named anything you want but it should end with the .cfg extension. In this file, add the absolute path to the file (swf or flv) that you wish to authorize.
4. Target the Air player
Obviously you can also compile your project targeting the Air player instead of the Flash Player. Doing that is a bit outside the scope of this article but for most projects it simply means going to “Publish Settings…” and changing the player to Air. For physical computing projects that are not viewed in a browser, Air is much more appropriate and offers more flexibility.
Other ways ?
If you have any other verified ways of doing this (perhaps serving the swf on a local webserver or using a crossdmain.xml file), please let me know so I can add it to this list. Cheers!