Chapter 65. The Security Model
Understanding the Flash Player's security model is essential when building Flex-based rich Internet applications (RIAs). The security model dictates how your application interacts with the environment around it, both the local client machine and any servers that you may be accessing data from. The focus of this chapter is to explain the Flash Player's security model as it pertains to Flex applications.
Understanding the Security Sandbox
Understanding the Security Sandbox
When speaking of the security model, we don't mean authentication against a server or application-level security. We are actually referring to the security levels of the Flash Player and what resources it can access.
It is easiest to think of a security sandbox this in the context of a web browser. No web pages that are loaded in the browser can automatically access resources or scripts on the local machine. They also cannot load and invoke scripts or data directly from other servers, although you can load images from other servers. You can load other web pages in Frame elements; however, each frame has its own sandbox.
In general, a security sandbox is a mechanism that allows you to execute programs in a controlled manner. The sandbox defines and controls what resources you can and cannot access. In the case of the Flash player, this controls whether or not you can access data or media files from remote servers or the local filesystem.
By default, each Flex application instance has its ...
Get Professional Adobe® Flex® 3 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
