1

I am trying to load a remote image into my AIR application, and I get the following error:

*** Security Sandbox Violation ***
SecurityDomain 'http://[------].com/app/widget/twitter.png' tried to access incompatible context 'app:/App.swf'

*domain name redacted

So it is basically saying that the remote image is trying to access the application? How do I add the remote domain as trusted?

I tried Security.allowDomain('www.[------].com') and got the following error:

SecurityError: Error #3207: Application-sandbox content cannot access this feature.
at flash.system::Security$/allowDomain()
Straseus
  • 478
  • 1
  • 4
  • 14

1 Answers1

2

Do you have access to the remote domain to put a crossdomain.xml file on the root of the web-server?

If not, you can get around the sandboxing issues by loading the image as a byte array (See URLLoader) and then converting it into an image (See SWFLoader.loadBytes) in memory.

Richard Walton
  • 4,789
  • 3
  • 38
  • 49
  • I do have access. But isn't it the application that requires an equivalent of a crossdomain.xml? – Straseus Feb 19 '12 at 13:40
  • There are a lot of pitfalls with the flash security sandbox, and I must admit I'm not 100% up to date with the AIR sandbox (Which tends to be a bit more strict). TBH I'd just give it a go, and see if it works. If it doesn't work, I'd do as I mentioned in my answer and load the files as byte arrays. – Richard Walton Feb 19 '12 at 14:18
  • Richie is right. It's not the application that needs the crossdomain, it's the domain where your app tries to download things from. You need to put the crossdomain at the top level of the domain. – J_A_X Feb 19 '12 at 19:49