Skip to Content
Former Member
Mar 30, 2009 at 12:05 PM

Flash 9 Security, Policiy Files and Connecting to Cross-Domain Data


This is still related to my request for help with XML but I thought I'd better post a new thread: this is taking me way beyond xml.

Thanks to Charles Davies and Matt Lloyd, I have my first working dashboard being fed by xml data (no big deal for most of you but it was for me!). In the process, Matt drew my attention to new security features in the flash player 9 and later and it turns out it is a bit of a make or break issue.

I have a dashboard which is ready to take its data from an xml file that will be updated every day. The dashboard itself will be distributed to over a hundred unrelated users. So in order for the dashboard to refresh on the xml data, each user's flash player needs to be able to load data cross-domain. It ruens out that you can't just do that since the flash player 9. You need to create a policy file.

I tried to read the many articles on the Adobe web site but they are way beyond anything I understand. It looks, though, as if the policy file is something that gets written in actionscript. If I got that bit right, then it is worse than I thought because you have to embed that file into the flash application I guess, and you can't do that in xcelsius're stuck and cannot referesh data cross-domain.

Or maybe I completely misunderstood that and the policy file has to be read by the flash player directly, but I don't have a cue where that policy file should reside.

Does anyone have any experience of this and could you please tell me if I have any chance of making sure the dashboard, once distributed, does load in the xml data (I suppose this issue is not just with xml data).

If that is not possible, then what is my next option to enable online data refresh (note: I do not use any other bobj or SAP products)?

Thank you for your suggestions. I have completely stalled.