Issue

Adobe Flash Player 10 includes significant change to the way that socket timeout is handled, adding significant user control.

Connections that previously succeeded after a long delay (due to outages or network congestion) may now result in a securityError event with Flash Player 10.

Reason

In Flash Player 10, ActionScript Socket and XMLSocket objects, all securityError events will be sent after a predefined amount of time has elapsed since the call to connect(). The predetermined timeout is 20 seconds by default but can be specified by ActionScript developers using the new Socket.timeout and XMLSocket.timeout APIs. If the timeout elapses and no connection has been established, the connection attempt will be aborted and a securityError dispatched.

Note: This change affects SWF files of all versions played in Flash Player 10 and later. This security change can potentially affect any SWF file that uses the Socket or XMLSocket classes. This change affects all non-app content in Adobe AIR (however, AIR app content itself is unaffected).

Solution

Developers should be sure to account for the new error by listening for the SecurityErrorEvent.SECURITY_ERROR event from Socket and XMLSocket objects in their code. The best practice is to set explicit timeout for any socket content over which you have control.

  • Longer timeouts favor greater robustness under marginal network conditions at the expense of longer delays in discovering failures.
  • Shorter timeouts favor quicker discovery of failures at the expense of reduced robustness under marginal network conditions.

Additional Information

For more information, read Setting up a socket policy file server, which gives sample code and a description of the various options available.

Keywords: kb405545

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy