Note: Visit the Adobe Flash Player Help and Support page for help with top issues.

Issue

Note: This TechNote is intended for Adobe Flash and Adobe Flex developers who need to respond to changes in Adobe Flash Player 10's user interaction rules. End users with Flash Player install issues should begin troubleshooting at the Flash Player Support Center.

With Adobe Flash Player 10, the FileReference.browse and FileReference.download operations may be initiated only through ActionScript that originates from user interaction. This includes actions such as clicking the mouse or pressing the keyboard.

Reason

In Flash Player 9, ActionScript could perform uploads and downloads at any time. Flash Player 10 requires existing content to be updated to comply with stricter security rules.

This change can potentially affect any SWF file that makes use of Filereference.browse or FileReference.download. This change affects SWF files of all versions played in Flash Player 10 and later. This change affects all non-app content in Adobe AIR (however, AIR app content itself is unaffected).

Solution

Any existing content that invokes a browse dialog box using Filereference.browse, FileReference.download, or FileReference.save outside of an event triggered by user interaction will need to be updated. The dialog box will now have to be invoked through a button, keyboard shortcut, or some other event initiated by the user.

For further information see User-initiated action requirements in Flash Player 10.

Additional Information

One practical consideration that end users may have to make it the way they 'chain' events together.

For example, prior to Flash Player 10 you could use URLLoader to upload multiple files by having the onComplete() event of the first URLLoader create a new, 2nd URLLoader instance.

In Flash Player 10 this usage will violate the user interaction rules and throw a Security Sandbox Violation which will usually look like this:

*** Security Sandbox Violation ***
		

	     Connection to http://www.adobe.com/test/upload.php halted - 
		

	     not permitted from http://www.adobe.com/test/uploadtest.swf
		

	
		

	     SecurityError: Error #2176: Certain actions, such as those that display a pop-up window, 
		

	     may only be invoked upon user interaction, for example by a mouse click or button press. 

In Flash Player 10 and Actionscript 3.0, all the calls to URLLoader must be in the same callstack. In the above scenario multiple calls to URLLoader must be made inside the same function, or a user-interaction must be created for each individual upload.

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy