Shockwave Update = Firefox on OSX
May 11th, 2010
An updated version of Shockwave was released earlier today, and for the first time since August 2008 I can once again use Firefox to view Shockwave content. I’m really glad to see this longstanding issue fixed. It definitely shows that more than just security updates are occurring on the development side of things. The next thing I can’t wait to see is Shockwave running in 64-bit on OSX 🙂
Here are the details from Allen at Adobe.
Modifications to Shockwave in update 11.5.7.609 are as listed below:
| Product Area | Bug Description |
| Keyboard Events | Keyboard events are not getting registered properly on IE8 Vista and Win7 reported by various portals |
| Shockwave | During Shockwave installation on Windows 64 bit machines the IE security dialog appears for multiple times. |
| Cross domain | Crossdomain Policy changes to support media based crossdomain checks for Flash cast members. |
| Mac | Various redraw issues in Safari & Firefox while playing the Shockwave content. |
| Upgrade | Smooth Upgrade Process takes care of deleting the old Adobe/Macromedia Downloaded Xtras. |
Several Security Updates as listed here;
http://www.adobe.com/support/security/bulletins/apsb10-12.html
This release is considered a critical security update, as detailed on the linked security bulletin.
Details of the modified (additional) Cross Domain Policy changes follow;
Cross Domain Policy changes
Earlier to Director 11.5, there was no Cross-domain checking based on the policy file and thus when we play any shockwave content which was accessing data from a server outside the domain, it used to throw-up security dialogs. In Director 11.5, we introduced the cross-domain checking based on policy files, placed on the servers. This meant that even the URLs accessed by the SWFs were being checked by the Shockwave player against the policy file. But flash player as such does cross-domain checking through policy files or through other security mechanisms (security.allowDomain). The checks which were done through the latter mechanism inside Flash player are not supported in Shockwave and because of this, the content which were accessed by this mechanism failed inside Shockwave.
For example, we have a youTube video player asset, which is a SWF file and this can be used play different youtube videos by specifying the video ID. This has been implemented in Flash using the “security.allowDomain” mechanism for accessing the content from the YouTube server. This SWF can be hosted on any server (not only YouTube) and the videos can be streamed in.
This movie when embedded inside the Shockwave player fails since the player checks only the policy file on the YouTube server. And this policy File on YouTube server does not list any of domains.
In order to address this issue, we have introduced a flash cast member property cdpCheckMode which can be set to either #useMediaPolicy (to use the flash player’s cross domain checks) or #useSWPolicy (to use Shockwave’s cross domain checks).
When we set the property to #useSWPolicy and if the policy file doesn’t have the necessary entry then the content developer has two options.
1. If the movie property enableSecurityDialog is set to true then security dialogs will appear in the Shockwave movie while trying to access the content and the option of displaying the content is given to the end user.
2. On the other hand, if this flag is not set then the movie will fail silently.
_movie.enableSecurityDialog
Usage
— Lingo syntax
_movie.enableSecurityDialog
// JavaScript syntax
_movie.enableSecurityDialog;
Description
Movie property; default value is FALSE, If it is false then the movie will fail silently. If it is set to TRUE then security dialogs will appear in the Shockwave movie while trying to access the content and the option of displaying the content is given to the end user.
Example
This statement sets the enableSecurityDialog property to True which will show the dialogs.
— Lingo syntax
on prepareMovie
_movie.enableSecurityDialog = TRUE
end
// JavaScript syntax
function prepareMovie()
{
_movie.enableSecurityDialog = 1;
}
cdpCheckMode (Flash cast member property)
Usage
— Lingo syntax
member(whichFlashMember).cdpCheckMode
// JavaScript syntax
member(whichFlashMember).cdpCheckMode;
Description
Flash member property; default value is useSwPolicy. When we set the property to #useSWPolicy it will use Shockwave’s cross domain checks and if the policy file doesn’t have the necessary entry then the content developer has two options.
1. If the movie property enableSecurityDialog is set to true then security dialogs will appear in the Shockwave movie while trying to access the content and the option of displaying the content is given to the end user.
2. On the other hand, if this flag is not set then the movie will fail silently.
When it is set to #useMediaPolicy it will use the flash player’s cross domain checks.
Example
This statement sets the cdpCheckMode property to #useMediaPolicy which will follow the flash player’s cross domain checks.
— Lingo syntax
on beginSprite me
member(2).cdpCheckMode = #useMediaPolicy
end
// JavaScript syntax
function beginSprite(me)
{
member(2).cdpCheckMode = symbol(“useMediaPolicy”);
}
Entry Filed under: Shockwave
1 Comment Add your own
1. net | May 18th, 2010 at 11:57 pm
nothing about director 12,disappointment.
Leave a Comment
Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>
Trackback this post | Subscribe to the comments via RSS Feed