Security: Restrict plugin access to file system and network
In a plugin context (a swf loaded by an another swf), is there any way to restrict access to file system and network in the same time to the loaded swf ?
Compiler option "-use-network=true|false" does not fit because you cannot restrict both file/network.
Code example :
Air App :
package
{
import flash.display.Loader;
import flash.display.Sprite;
import flash.filesystem.File;
import flash.net.URLRequest;
public class TestContentSecurity extends Sprite
{
private var l :Loader = new Loader;
public function TestContentSecurity()
{
addChild(l);
l.load(new URLRequest(File.documentsDirectory.nativePath + "/Content.swf"));
}
}
}
Loaded swf :
package
{
import flash.display.Sprite;
import flash.events.Event;
import flash.events.IOErrorEvent;
import flash.net.URLLoader;
import flash.net.URLRequest;
import flash.system.ApplicationDomain;
import flash.text.TextField;
public class Content extends Sprite
{
private var _log : TextField = new TextField;
private var l: URLLoader;
public function Content()
{
开发者_JAVA百科addChild(_log)
_log.multiline = true;
_log.width = 500;
_log.height = 500;
l = new URLLoader();
l.addEventListener(Event.COMPLETE, onLoad);
l.addEventListener(IOErrorEvent.IO_ERROR, onError);
l.load(new URLRequest("c:/Windows/regedit.exe"))
}
public function onLoad(e:Event) : void{
_log.text += "SUCCESS\n" ;
}
public function onError(e:IOErrorEvent) : void{
_log.text += "ERROR\n";
}
}
}
The loaded swf is in user's document folder, outside Air app folder. Currently, the loaded swf is abble to load "c:/Windows/regedit.exe" and I don't want it (neither sending informations on the network).
I've found one solution in AIR, I don't like it but it works. The idea is to have a mini http server and to load content from this server.
I load targeted file with :
new URLRequest("http://localhost:1111/Content.swf")
By doing this, flash will load "Content.swf" as a remote file and place it in a REMOTE security sandbox. Loaded swf won't be able to access to any local files neither to network.
If anyone have a cleaner solution to get this REMOTE security sand box, I will be happy.
/**
* HTTP server original idea :
* http://coenraets.org/blog/2009/12/air-2-0-web-server-using-the-new-server-socket-api/
*/
package
{
import flash.display.Loader;
import flash.display.Sprite;
import flash.filesystem.File;
import flash.filesystem.FileMode;
import flash.filesystem.FileStream;
import flash.net.URLRequest;
import flash.events.Event;
import flash.events.ProgressEvent;
import flash.events.ServerSocketConnectEvent;
import flash.net.ServerSocket;
import flash.net.Socket;
import flash.utils.ByteArray;
public class TestContentSecurity extends Sprite
{
private var l :Loader = new Loader;
private var serverSocket:ServerSocket;
public function TestContentSecurity()
{
init();
l.load(new URLRequest("http://localhost:1111/Content.swf"));
}
private function init():void
{
// Initialize the web server directory (in applicationStorageDirectory) with sample files
listen(1111);
}
private function listen(port : uint):void
{
try
{
serverSocket = new ServerSocket();
serverSocket.addEventListener(Event.CONNECT, socketConnectHandler);
serverSocket.bind(port, "127.0.0.1");
serverSocket.listen();
trace("Listening on port " + port + "...\n");
}
catch (error:Error)
{
trace("Port " + port +
" may be in use. Enter another port number and try again.\n(" +
error.message +")", "Error");
}
}
private function socketConnectHandler(event:ServerSocketConnectEvent):void
{
var socket:Socket = event.socket;
socket.addEventListener(ProgressEvent.SOCKET_DATA, socketDataHandler);
}
private function socketDataHandler(event:ProgressEvent):void
{
try
{
var socket:Socket = event.target as Socket;
var bytes:ByteArray = new ByteArray();
socket.readBytes(bytes);
var request:String = "" + bytes;
var filePath:String = request.substring(5, request.indexOf("HTTP/") - 1);
var file:File = File.applicationDirectory.resolvePath(filePath);
if (file.exists && !file.isDirectory)
{
var stream:FileStream = new FileStream();
stream.open( file, FileMode.READ );
var content:ByteArray = new ByteArray();
stream.readBytes(content);
stream.close();
socket.writeUTFBytes("HTTP/1.1 200 OK\n");
socket.writeUTFBytes("Content-Type: application/x-shockwave-flash\n\n");
socket.writeBytes(content);
}
else
{
socket.writeUTFBytes("HTTP/1.1 404 Not Found\n");
socket.writeUTFBytes("Content-Type: text/html\n\n");
socket.writeUTFBytes("<html><body><h2>Page Not Found</h2></body></html>");
}
socket.flush();
socket.close();
}
catch (error:Error)
{
trace("Error");
}
}
}
}
Not unless you deploy as an AIR application.
You can, however, store some data in a SharedObject, even when you deploy with -use-network=true
. This should work for storing game state and such.
Edit:
In AIR, security between content from different domains is regulated by using AIR sandbox bridges. This should give you all the leverage you need.
精彩评论