0

So after adding support for dynamic images, a la MovieClipLoader, to a project that I'm working on, I came across some strange behavior. In local tests, the requested images load fine and I am able to use them as I like. However, when the .swf is hosted online, the images are not visible, even though I don't get an onLoadError event. This behavior seems rather odd and is obviously not desirable. Through some testing, I found that the dimensions of the images loaded with the MovieClipLoader matched that of the source images, but getPixel was returning "-1".

I am extracting the images through the BitmapData.draw method, but I don't think this is the cause of the problem, as my implementation functions properly offline.

The images are hosted by a website with an open crossdomain policy. I can't imagine it's a matter of crossdomain security.

It shouldn't be a restriction on the server hosting the .swf, as I am able to retrieve xml data from other websites.

I'm hoping it's something simple, and not an inherent problem with the MovieClipLoader class. I figured I'd try to rule out the latter by coming here.

Thanks.

Aierou
  • 113
  • 5
  • Well, I found the issue. Adobe is afraid of its own shadow and, as a result, applied an undocumented (poor, abstract documentation at most) security feature to the BitmapData.draw method. It would appear as if they waste memory to determine if an object was loaded across domains and prevent the use of the object in BitmapData.draw. I cannot begin to fathom how drawing images across domains could be exploitable, but I'll try not to read too far into it. Thanks Adobe! I appreciate the headaches and the imperfect solution that I am now required to use. – Aierou Feb 12 '14 at 01:41

1 Answers1

0

BitmapData.draw has crossdomain security. One must make use of System.security.loadPolicyFile() in order to allow the drawing of crossdomain objects.

Aierou
  • 113
  • 5