It isn't a FlashPlayer issue as much as a Flex Framework issue. It is not in 3.0, but may show up in 3.x or 4.0, but no guarantees
________________________________ From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Muhammad Ahmed Ullah Sent: Thursday, January 10, 2008 3:42 AM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Security issue in crossscripting Thanks Alex for the info. Can we expect this support will come with flash-10 or when? --- In flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> , "Alex Harui" <[EMAIL PROTECTED]> wrote: > > Flex does not currently support cross-domain sub-apps > > > > ________________________________ > > From: flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> [mailto:flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> ] On > Behalf Of Muhammad Ahmed Ullah > Sent: Wednesday, January 09, 2008 3:46 AM > To: flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> > Subject: [flexcoders] Security issue in crossscripting > > > > Hello, > > When loading a SWF file (inner.swf) within a SWF file (outer.swf) > through Loader's object, I'm getting the following error message: > > SecurityError: Error #2047: Security sandbox violation: parent: > http://192.168.0.20/wid/inner.swf <http://192.168.0.20/wid/inner.swf> <http://192.168.0.20/wid/inner.swf <http://192.168.0.20/wid/inner.swf> > > cannot access > http://192.168.0.18:81/Any/container/outer.swf. <http://192.168.0.18:81/Any/container/outer.swf.> > <http://192.168.0.18:81/Any/container/outer.swf. <http://192.168.0.18:81/Any/container/outer.swf.> > > at flash.display::DisplayObject/get parent() > at > mx.managers::SystemManager/executeCallbacks()[E:\dev\flex_3_beta3\sdk\fr > ameworks\projects\framework\src\mx\managers\SystemManager.as:1518] > at > mx.managers::SystemManager/docFrameHandler()[E:\dev\flex_3_beta3\sdk\fra > meworks\projects\framework\src\mx\managers\SystemManager.as:2311] > > Both files are placed on different domains. > On the server of inner.swf file, crossdomain.xml exists with the "*" > permission. > In the initialize event handler of inner.swf file, > Security.allowDomain("*") also exists. > > > If I write "Security.allowDomain("*")" in outer.swf file, before > loading the inner.swf, then this error gets solved. > > But my question is, "Why is it necessary to use allowDomain() in the > outer.swf file, as I don't want to allow inner.swf file to access > outer.swf file?" or "How can I solve this error without using the > allowDomain() in outer.swf file?" > > Thanks, > Ahmed >