TechNote (Archived)

Security error appears when playing Flash content on a CD

Issue

After updating to Macromedia Flash Player 8, some users see the following security error message when attempting to play Flash content published on CD.

Reason

This message appears due to the new local playback security added to Flash Player 8, which prevents local files by default from performing HTTP communication or communicating with local HTML files.

Developers typically get this message when CD-based content attempts to load information from a file hosted on a webserver. These assets normally include but are not limited to videos, SWF files and text files. Another common reason that developers get this message is the SWF file on the CD attempts to use eitherJavaScript or FSCommand to communicate with the local HTML file. Both of these actions require the SWF movie to interact not only with local content, but Internet-enabled content as well. Developing content as listed above with the SWF file set to either local-with-filesystems or local-with-networking will give the security prompt.

Solution

To allow the CD-based content to play without prompting the message above you can apply a few different solutions.

• Create a standalone projector file. Flash Projector EXEs are not liable to the same security sandbox as a SWF file becuase the user has implicitly trusted the application by launching it.
• If the application is simply trying to call a network asset,you can set the security zone to local-with-networking using theLocal Content Updater. Note, if you allow this interaction, you will no longer be able to call other local content such as other SWF files on the CD.
• If you are trying to use both local and network access with your Flash movie, you will need to make a change on the user's machine. These changes are described below.

Methods for allowing access on users' machines

• You can have the user allow the path to your content (in this case the CD-ROM drive) in the Global Security Settings Manager. For a detailed description on how to allow certain sites in the Global Security Settings Manager please see How do I let local Flash content communicate with the Internet? (TechNote 4c093f20).
• If the user does not have internet access, or if you want to complete the work for the end-user, then you need to create a trust file (described below).

Trust Files

A trust file is a simple text file saved as a configuration file (using the .cfg file extension) that holds a path to the Flash content that needs to be in both local-with-filesystems and local-with-networking security zones. If a file is in both zones listed previously, then it sits in the local-trusted security zone. When an installer installs SWFs onto a user's computer, it can install trust configuration files to designate the SWFs as trusted. While this practice does not represent an explicit user decision about each SWF being trusted, the user has implicitly given their trust to the installer program by running it;it is, after all, an executable program. When a trust file specifies a path to content that is trusted the sub-directories under that path are also trusted.

To create a trust file, follow the steps below:

1. Open a text editor that is able to write Unicode text files. Windows Notepad and Mac TextEdit are examples of the applications that can write this type of file.
2. Enter the path to the content in the text field. If you have multiple locations that you need to allow simply separate them with a new line. Comments can be added with a # preceding the line of text, and they extend to the end of that line. For example the text below would allow both the D:/FlashContent and the C:/myFlash areas if they were saved in the trust file:

    # This will allow access to the content on the CD-Rom drive D:/FlashContent #This is the content saved on the local machine C:/myFlash 

3. Save the file as a UTF-8 or UTF-16 in one of the following locations.
   • If the users are not administrators or you want the trust file to just apply to one particular user, add the trust file here:
     • Windows
       <app data>\Macromedia\Flash Player\#Security\FlashPlayerTrust
       (e.g. c:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\#Security\FlashPlayerTrust)
     • Mac
       <app data>/Macromedia/Flash Player/#Security/FlashPlayerTrust
       (e.g. /Users/fred/Library/Preferences/Macromedia/Flash Player/#Security/FlashPlayerTrust)
   • If the users are administrators or you want the trust file to apply to each user on that machine, add the trust file here:
     • Windows
       <system>\Macromed\Flash\FlashPlayerTrust
       (e.g. c:\WINNT\system32\Macromed\Flash\FlashPlayerTrust)
     • Mac
       <app support>/Macromedia/FlashPlayerTrust
       (e.g. /Library/Application Support/Macromedia/FlashPlayerTrust)

These locations are directories, not individual files. Any number of configuration files may be installed in each of these directories; Flash Player will read all files it finds in them. Configuration files may not be placed in subdirectories of FlashPlayerTrust; they must be placed directly in the FlashPlayerTrust directories. The individual configuration files may be given any name but, to avoid naming conflicts, installers should name their configuration files in some way that is specific to their product. The FlashPlayerTrust directories will not necessarily exist on any given system, so installers may need to create them.

This content requires Flash

To view this content, JavaScript must be enabled, and you need the latest version of the Adobe Flash Player.

Download the free Flash Player now!

Search Support