Hmm, I've not read enough about the newer security models to be sure, I just assumed it was that way since earlier versions were. One thing I did notice though was that you said you're reading from the security whitepaper for FP8. You should be reading about FP9 since that is what Flex and AS3 target.
HTH, Ben http://www.returnundefined.com/ --- In flexcoders@yahoogroups.com, "Xavi Beumala" <[EMAIL PROTECTED]> wrote: > > I think you're wrong. It's also working on web server. And from local system > you've also restrictions. Just try an application running from the local > file system and consuming remote data throgh HTTPService, it's going to > fail. But it's not failing with mx:Image. > > X. > > On 7/27/06, ben.clinkinbeard <[EMAIL PROTECTED]> wrote: > > > > There are no restrictions when running the file on your local system. > > Access it through a web server and your calls will fail. > > > > HTH, > > Ben > > http://www.returnundefined.com/ > > > > --- In flexcoders@yahoogroups.com, "Xavi Beumala" <xavi@> wrote: > > > > > > Hi, > > > > > > Today I've noticed that I can load images from diferent domains (which > > > doesn't have a crossdomain file) without getting a security sandbox > > > violation error. > > > > > > For example, when running the following application from my > > fileSystem I'm > > > not receiving any error eventhough the domains don't have de crossdomain > > > file (I also haven't trusted the file). > > > > > > <mx:Application xmlns:mx="http://www.adobe.com/2006/mxml"; > > layout="vertical"> > > > <mx:Image source="http://www.code4net.com/header/foto2.jpg"; > > width="800" > > > height="160"/> > > > <mx:Image source=" > > > http://us.i1.yimg.com/us.yimg.com/i/mntl/hlth/06q2/img_diet.jpg"; > > width="800" > > > height="160"/> > > > </mx:Application> > > > > > > So is this a new feature on the player or is it a security hole? > > > > > > I've been reading the document at www.adobe.com/devnet/*flash*player/ > > > articles/*flash*_player_8_*security*.pdf and the most accurate thing > > I've > > > found refering to images is: "A SWF file from a.com may read from > > the server > > > at b.com (using the ActionScript XML.load() method, for example) if > > > b.comhas a cross-domain policy file that permits access from > > > a.com (or from all domains)." So if the criteria for loading > > external images > > > is the same as for .swf... > > > > > > Any ideas? > > > > > > Best > > > X. > > > > > > > > > > > > > > > > > -- > > Flexcoders Mailing List > > FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > > Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com > > Yahoo! Groups Links > > > > > > > > > > > > > > > > > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
![http://www.code4net.com/header/foto2.jpg"](http://www.code4net.com/header/foto2.jpg"){kind=link}
![http://us.i1.yimg.com/us.yimg.com/i/mntl/hlth/06q2/img_diet.jpg"](http://us.i1.yimg.com/us.yimg.com/i/mntl/hlth/06q2/img_diet.jpg"){kind=link}