diff options
author | Hiroshi Ichikawa <gimite@gmail.com> | 2010-09-02 23:49:34 +0900 |
---|---|---|
committer | Hiroshi Ichikawa <gimite@gmail.com> | 2010-09-02 23:49:34 +0900 |
commit | 9e766377188d461f2046d951cc12645d457eb8e8 (patch) | |
tree | 734aa166d25a30b49ee23fb557624616922721f5 | |
parent | 1d0df76b4da4ba4071879e435a4de3512fd3853e (diff) | |
download | web-socket-js-9e766377188d461f2046d951cc12645d457eb8e8.tar.gz |
Supporting cross-domain SWF.
-rw-r--r-- | README.txt | 11 | ||||
-rw-r--r-- | WebSocketMain.swf | bin | 180177 -> 180175 bytes | |||
-rw-r--r-- | WebSocketMainInsecure.zip | bin | 0 -> 173076 bytes | |||
-rw-r--r-- | flash-src/WebSocketMain.as | 2 | ||||
-rw-r--r-- | flash-src/WebSocketMainInsecure.as | 19 | ||||
-rwxr-xr-x | flash-src/build.sh | 6 | ||||
-rw-r--r-- | sample.html | 4 | ||||
-rw-r--r-- | web_socket.js | 2 |
8 files changed, 40 insertions, 4 deletions
@@ -84,6 +84,17 @@ The AS3 Socket class doesn't implement this mechanism, which renders it useless The class RFC2817Socket (by Christian Cantrell) effectively lets us implement this, as long as the proxy settings are known and provided by the interface that instantiates the WebSocket. As such, if you want to support proxied conncetions, you'll have to supply this information to the WebSocket constructor when Flash is being used. One way to go about it would be to ask the user for proxy settings information if the initial connection fails. +* How to host HTML file and SWF file in different domains + +By default, HTML file and SWF file must be in the same domain. You can follow steps below to allow hosting them in different domain. + +WARNING: If you use the method below, HTML files in ANY domains can send arbitrary TCP data to your WebSocket server, regardless of configuration in Flash socket policy file. Arbitrary TCP data means that they can even fake request headers including Origin and Cookie. + +- Unzip WebSocketMainInsecure.zip to extract WebSocketMainInsecure.swf. +- Put WebSocketMainInsecure.swf on your server, instead of WebSocketMain.swf. +- In JavaScript, set WEB_SOCKET_SWF_LOCATION to URL of your WebSocketMainInsecure.swf. + + * How to build WebSocketMain.swf Install Flex 4 SDK: diff --git a/WebSocketMain.swf b/WebSocketMain.swf Binary files differindex cadefcf..e7e91d7 100644 --- a/WebSocketMain.swf +++ b/WebSocketMain.swf diff --git a/WebSocketMainInsecure.zip b/WebSocketMainInsecure.zip Binary files differnew file mode 100644 index 0000000..a74178d --- /dev/null +++ b/WebSocketMainInsecure.zip diff --git a/flash-src/WebSocketMain.as b/flash-src/WebSocketMain.as index 41991e7..17ee694 100644 --- a/flash-src/WebSocketMain.as +++ b/flash-src/WebSocketMain.as @@ -1,7 +1,7 @@ // Copyright: Hiroshi Ichikawa <http://gimite.net/en/> // License: New BSD License // Reference: http://dev.w3.org/html5/websockets/ -// Reference: http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-31 +// Reference: http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76 package { diff --git a/flash-src/WebSocketMainInsecure.as b/flash-src/WebSocketMainInsecure.as new file mode 100644 index 0000000..ea377be --- /dev/null +++ b/flash-src/WebSocketMainInsecure.as @@ -0,0 +1,19 @@ +// Copyright: Hiroshi Ichikawa <http://gimite.net/en/> +// License: New BSD License +// Reference: http://dev.w3.org/html5/websockets/ +// Reference: http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76 + +package { + +import flash.system.*; + +public class WebSocketMainInsecure extends WebSocketMain { + + public function WebSocketMainInsecure() { + Security.allowDomain("*"); + super(); + } + +} + +} diff --git a/flash-src/build.sh b/flash-src/build.sh index d7b7577..9a4a732 100755 --- a/flash-src/build.sh +++ b/flash-src/build.sh @@ -3,4 +3,8 @@ # You need Flex 4 SDK: # http://opensource.adobe.com/wiki/display/flexsdk/Download+Flex+4 -mxmlc -static-link-runtime-shared-libraries -output=../WebSocketMain.swf WebSocketMain.as +mxmlc -static-link-runtime-shared-libraries -output=../WebSocketMain.swf WebSocketMain.as && +mxmlc -static-link-runtime-shared-libraries -output=../WebSocketMainInsecure.swf WebSocketMainInsecure.as && +cd .. && +zip WebSocketMainInsecure.zip WebSocketMainInsecure.swf && +rm WebSocketMainInsecure.swf diff --git a/sample.html b/sample.html index 9d2c920..6a2ad7f 100644 --- a/sample.html +++ b/sample.html @@ -17,7 +17,9 @@ WEB_SOCKET_SWF_LOCATION = "WebSocketMain.swf"; // Set this to dump debug message from Flash to console.log: WEB_SOCKET_DEBUG = true; - + + // Everything below is the same as using standard WebSocket. + var ws; function init() { diff --git a/web_socket.js b/web_socket.js index b055d52..ad65dd1 100644 --- a/web_socket.js +++ b/web_socket.js @@ -326,7 +326,7 @@ swfobject.embedSWF( WEB_SOCKET_SWF_LOCATION, "webSocketFlash", "1" /* width */, "1" /* height */, "9.0.0" /* SWF version */, - null, {bridgeName: "webSocket"}, {hasPriority: true}, null, + null, {bridgeName: "webSocket"}, {hasPriority: true, allowScriptAccess: "always"}, null, function(e) { if (!e.success) console.error("[WebSocket] swfobject.embedSWF failed"); } |