Read flash variable from external domain with javascript

Dear Experts,

Anyone know if it's possible to avoid flash sandbox security to read a variable inside an swf from a javascript?

I don't need to pass the variable from flash to javascript calling some function, I need to directly read a variable inside flash using flash_object.GetVariable("myvariable");

More details:
I have the following.
A Swf file called test.swf with just this two lines:
line 1: var test="12345";
line 2: stop();

then I have a test_readflashvar.js file on the same site with just the flash object code that is written through document.write
and a javascript function testing() that tries to read variable test inside swf.
I have a timer that execute it every x secs.

function write_flash_object(url) {
 //code that write my flash object to document
}

function testing() {
    var o = getFlashMovieObject("flashobj"); //function that search for flash object
    if (o==null || o.PercentLoaded()<100) return;

    alert(o.GetVariable("j"));

    return;
}

Then I add the script to any of my websites (different domain where is located the swf file) <script src="http://target_domain/test_readflashvar.js"></script>

And when I load the page with the included script,  and it executes and the line alert(o.GetVariable("j")); I get the unspecified javascript error (=security access error).

Can anyone give a hint to overpass flash sandbox security control?

Regards,
Luigi.
luigidenaroAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

smaccariCommented:
The problem is on javascript side i think.
In JS you cannot access any variable/object/function if they are not on the same domain (through an iframe for example).
That's a browser security issue.
Maybe this apply too on flash objects if not on same domain than the script.
0
luigidenaroAuthor Commented:
It's a flash plugin security issue, I know, but maybe someone knows an alternative way to overpass it.
0
luigidenaroAuthor Commented:
Well, after trying and trying I found the solution.
Using this directive on main flash it avoid security restrictions for any domain.

System.security.allowDomain("*");
If u want to allow just a domain then is so simply like replacing the * for a domain in the way http://www.domain.com

The problem on this is that the swf remains exposed for external hacking.
0
GranModCommented:
PAQed with points refunded (500)

GranMod
Community Support Moderator
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JavaScript

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.