Enabling BitmapData.draw (..) on crossdomain images in Adobe Flash Player 9
Adobe Flash Player 8 and 9 have security-sandbox where-in you can not use BitmapData’s draw (..) on crossdomain images, as I mentioned in one of my posts. There is no easy way of doing it with Flash Player 8, you need some kind of shim/library.swf or server-side proxy.
Fortunately, Adobe Flash Player 9 has some APIs (Loader, LoaderContext) to make life easier, provided you have a crossdomain.xml with right permission on the server hosting images.
Say “ServerA” has main application and “ServerB” hosts image files. You need to place crossdomain.xml in root of “ServerB”. Just having crossdomain.xml is not sufficient, so you need to do something more:-
- Create a LoaderContext instance
- Set it’s checkPolicyFile = true;
- Pass LoaderContext instance to Loader.load (..) method, as shown below.
Note: Following code shows the steps, it’s not a working example.
var request:URLRequest = new URLRequest ();
request.url = "http://ServerB/images/foo.jpg";
//This is important step..
var loaderContext:LoaderContext = new LoaderContext ();
loaderContext.checkPolicyFile = true;
var loader:Loader = new Loader ();
loader.load (request, loaderContext);
//now you can draw.
var bitmapData:BitampData = new BitmapData (200, 200);
bitmapData.draw (loader);Why we need to this? Doing so would instruct Flash Player not to begin downloading the image file until after attempting to download a policy file. If Flash Player successfully finds policy file with right permission, you are set to do Bitmap drawing.
Believe me, that’s all you need as long as you meet two criteria (crossdomain.xml and checkPolicyFile=true). I would try to post a working example.
Abdul,
Thx a lot for this post, i spent a lot of time to fix this problem and i had no idea about the reason till i red it…
david
this can also be achieved in actionscript 2.0 by using
System.security.loadPolicyFile(”")
Abdul,
Please provide a example of cross domain solve. i am really confused with this problem which belongs to my current project. i can not understand. Please help me.
@richardt: No, this doesn’t work in AS2.0.
@Avijit: What problem are you facing? There are some cross-domain problems that can be solved using crossdomain.xml or a server-side proxy… In this post we talked about a problem where Flash Player API doesn’t let you grab bitmap-data of video/image coming from other domain, even when there is crossdomain.xml (AS3 allows you to load the policy before code-invocation but AS2 doesn’t).
However, there is a workaround to grab the bitmap-data (screenshot) of a video from external (YouTube or others) sites without using any crossdomain.xml or server-side script…
Check out the last update (section) in this post:-
http://www.abdulqabiz.com/blog/archives/flash_and_actionscript/bitmapdatadraw.php
-abdul
What if
loaderContext.checkPolicyFile = true;
doesnt work ?
@Elad: I think, it works in Adobe Flash Player 9, but not in Flash Player 8 or lower.
-abdul
System.security.loadPolicyFile() DOES work in Actionscript 2.0
Tested it myself…
Just wanted to confirm, for anybody else, that it DOES WORK in AS 2.0. You just have to force it to load the policy file:
System.security.loadPolicyFile(”http://” + myDomain + “/crossdomain.xml”);
I put that as soon as I know the domain I’m loading from, and everything works.
Just thought I’d add my bit, yep it does work in AS2 using the loadPolicyFile method.
It’s helped loads! thanks guys,
Hey, so when you write that this code is for flash player 9 and not 8, what you actually mean is that it’s for AS3 and not AS2? Cuz flash 9 playes AS2 just the same!
Hi, thanks for this post, it’s very helpful. My problem is that I cannot upload a crossdomain.xml file as it is not my domain ( Amazon S3 ). Is there another way around this problem? I don’t really understand why the data is protected in the first place.
@Eric, even if it’s S3, you can have crossdomain.xml there.
Anyway, you can use proxy, which is hosted on your server, to load image.
You can check out this:-
http://www.abdulqabiz.com/blog/archives/general/php_proxy_script_for.php
This might be useful, you need to host it on your server and use it like this:-
http://yourserver/proxy.php?url=http://amazons3/image.jpeg
Thank You Abdul
Abdul, you just saved my life
it doesn’t work for me…i’ve did everything as it should but still get the security sandbox violation error. Too bad…i’ll have to use a proxy…and that’s not cool.
Hi,
Any body have working example of bitmapdata draw method for cross domain swf
Thanks in advance
Uhh flash is really making troubles to me with this new security settings and seems to be breaking tons of wordpress installs, etc =\ any solution if you dont have the crossdomain.xml on the other server? =\