checkPolicyFile (MovieClipLoader.checkPolicyFile property)

public checkPolicyFile : Boolean

Specifies whether Flash Player should attempt to download a cross-domain policy file from the loaded object's server before beginning to load the object itself.

Set this flag to true when you are loading an image (JPG, GIF, or PNG) from outside the calling SWF file's own domain and you expect to access the content of that image using BitmapData.draw(). If you attempt this operation without having specified checkPolicyFile at loading time, you may encounter a security error because the needed policy file has not been downloaded yet.

When you call MovieClipLoader.loadClip() with checkPolicyFile set to true, Flash Player does not begin downloading the object specified in your url until it has either successfully downloaded a relevant cross-domain policy file or discovered that no such policy file exists. Flash Player first considers policy files that have already been downloaded, then attempts to download any pending policy files specified in calls to System.ecurity.loadPolicyFile(), then attempts to download a policy file from the default location that corresponds to url, which is /crossdomain.xml on the same server as url. In all cases, Flash Player requires that the given policy file exists on its server, that the file provides access to the object at url by virtue of the policy file's location, and that the file permits access by the domain of the calling SWF file by virtue of one or more <allow-access-from> tags.

If you set checkPolicyFile to true, Flash Player waits until policy file completion to begin the main download that you specify in MovieClipLoader.loadClip(). Thus, as long as the policy file that you need exists, as soon as you have received any event notifications from your MovieClipLoader, the policy file download is complete and you can safely begin performing operations that require the policy file.

If you set checkPolicyFile to true, and no relevant policy file is found, you do not receive any error indication until you attempt an operation that causes a security error.

Try to avoid setting checkPolicyFile to true if you will not be needing pixel-level access to the image that you are loading. Checking for a policy file in this case is wasteful, because it may delay the start of your download, and may consume network bandwidth unnecessarily.

Also try to avoid setting checkPolicyFile to true if you are using MovieClipLoader.loadClip() to download a SWF file. This is because SWF-to-SWF permissions are not controlled by policy files, but rather by Security.allowDomain(), and checkPolicyFile has no effect when you load a SWF file. Checking for a policy file in this case is wasteful because it may delay the start of your SWF download and may consume network bandwidth unnecessarily. (Flash Player cannot tell whether your main download will be a SWF file or an image, because the policy file download occurs before the main download.)

Be careful with checkPolicyFile if you are downloading an object from a URL that may use server-side HTTP redirects. Flash Player always attempts to retrieve policy files that correspond to the initial URL that you specify in loadClip. If the final object comes from a different URL because of HTTP redirects, then the initially downloaded policy file(s) might not be applicable to the object's final URL, which is the URL that matters in security decisions.

Availability: ActionScript 2.0; Flash Player 9

View comments on LiveDocs