didjeridoo
asked on
Why won't flash 9 play when served in SSL (HTTPS)?
Trying to develop an app to serve flash content over SSL. Works fine in the non-SSL dev environment, but requires the user to click "Play" when served in SSL. Tried setting the "play" variable, allowScriptAccess, and using SWFObject. Have not tried cross-domain scripting file because all content is served from the same domain. Any idas would be ___really___. Need to have answer implemented tomorrow!!
BTW - usng ajax to load data into a content element - see content element below
BTW - usng ajax to load data into a content element - see content element below
<div class="ajax">
<script type="text/javascript"
src="https://consumer.mydomain.com/@@/0.3.5/swfobject.js"></script>
<script type="text/javascript">
swfobject.registerObject('Attribute Graph', '9.0.0',
'https://consumer.mydomain.com/@@/0.3.5/expressInstall.swf');
swfobject.registerObject('IEAttrGraph', '9.0.0',
'https://consumer.mydomain.com/@@/0.3.5/expressInstall.swf');</script>
<div>
<object id="IEAttrGraph" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="600" height
="325" play="true" loop="false">
<param name="movie"
value="https://consumer.mydomain.com/@@/0.3.5/Barometer.swf" />
<param name="flashvars"
value="play=1&dataurl=https%3A%2F%2Fconsumer.mydomain.com%2Fme%2Flabs%2Fdata.xml%3Flab%3Dlabs
.Chloride" />
<param name="play" value="true" />
<!--[if !IE]>-->
<object id="Attribute Graph" width="600" height="325"
align="middle" play="true" loop="false"
type="application/x-shockwave-flash"
data="https://consumer.mydomain.com/@@/0.3.5/Barometer.swf">
<param name="flashvars"
value="play=1&dataurl=https%3A%2F%2Fconsumer.mydomain.com%2Fme%2Flabs%2Fdata.xml%3Flab%3Dlabs
.Chloride" />
<param name="play" value="true" />
<!--[endif]>-->
<p> Please install Flash 9.0 or greater. </p>
<!--[if !IE]>-->
</object>
<!--[endif]>-->
</object>
</div>
</div>
well, basically secure means secure. A secure HTTPS page is not going to automatically cause an insecure function to play on the page, which flash is. It will require user authorization to do this -- if it did not require that, the page would not be secure -- which technically means re-entrable via a back door, and flash is.
ASKER
Thanks for the response. I believe you are right that there is some issue with security. However, flash does have a security model (see http://livedocs.adobe.com/flex/3/html/help.html?content=05B_Security_02.html) which includes the ability to play securely delivered swf files. I would think the problem of playing flash movies/charts over https has been solved before. Does anyone know how this is done?
I have provisionally solved the problem using a javascript function to call the document.getElement(flashM ovieID).Pl ay() method once the page is loaded.
This solution is brittle, however, since it requires a setTimeout javascript call and may not work with slower connections. Any new information would be greatly appreciated. Thanks again for taking the time to address this question.
I have provisionally solved the problem using a javascript function to call the document.getElement(flashM
This solution is brittle, however, since it requires a setTimeout javascript call and may not work with slower connections. Any new information would be greatly appreciated. Thanks again for taking the time to address this question.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Unfortunately, extjs asynchronously loads objects, particularly flash objects using swf. Because of the asynchronous load and the variable speed with which the operations are completed on different platforms, setTimeOut turns out to be brittle. But I haven't found a better solution. Thanks.