Networking Basics and Flash Player Security in Java

time will come where you, like Leif Eriksson, will yearn to leave the fjords of Iceland, which you re accustomed to, and explore the great unknown across the Atlantic. Now, replace fjords of Iceland with the contents of memory and the Atlantic with the internet, and you ve got something to talk about. The experience of crossing the sea differs for each who crosses it, and so varies the manner in which you can communicate with the vastness of the internet. Besides containing an incomprehensible variety of data in a comparably broad multitude of formats, the internet has innumerable services you can communicate in both directions with. In this and the following chapters, I ll dive into the many ways Flash Player can make use of the internet. In this chapter, I ll start with some of the most useful and simple ways to do so. I ll present an overview of the most common and best-supported protocol in Flash Player for networking, HTTP. You ll use ActionScript 3.0 to open a web page, load graphics and SWFs, and load les. Finally, I ll look at Flash Player s security model, which you must be aware of when developing networking-enabled applications.
flash.display.Loader .navigateToUrl() flash.system.Security
HTTP in Brief
The internet is kept alive by the furious and continuous exchange of information. This exchange takes place in a variety of protocols. These application-layer protocols are agreements between two computers connected to the internet on how they should structure their communication. Some examples of application-layer protocols are FTP, Bittorrent, DNS, IMAP, POP3, and SMTP. The whole of the World Wide Web, however, is built on one application layer protocol: the HyperText Transfer Protocol (HTTP).
Part VI: External Data
The internet itself relies on a whole stack of lower and lower-level protocols. Each layer of protocol builds on the ones below it, providing more structure. You can learn more about the seven-layer model of networking protocols, or OSI model, in a networking text or online ( model). In addition, although not part of the burrito-like seven-layer model, there are protocols on protocols that live on top of HTTP. I ll touch on some of these higher-level protocols in 28, Communicating with Remote Services.
Because Flash content so often lives on the web, HTTP is ingrained in Flash Player, and you ll soon be using it to load and send data, so let s take a brief excursion into how it works. I ll try not to bore you to tears with detail but provide just what you need. If you have a grip on HTTP, feel free to skip this section. There are two participants in any HTTP exchange. I ll call them the client and the server. Let s consider a simple case: you use your web browser to display Now, your computer is the client and some big, fat, rack-mounted, air-conditioned computer in Los Angeles is the server. Actually, I ve never seen the server, but it doesn t actually matter what it is or where it is that s the whole point of the internet. Back to the example. Every HTTP exchange has two acts: a request and a response. Simple enough. The client asks for something, and the server gives it back. Your browser opens a connection to the server hosting (using the DNS protocol to gure out that server s IP address, if you care) and sends it a request for /. If you were loading the page, it would request /crossdomain.xml. The server then tries to nd the resource you requested, and sends you back what it nds. This step can have lots of interpretation going on in the background: a script can be run by the server, it can alias your request to a different location, it can fail to nd the resource you re requesting, and so on. This is the basic pattern. You send a request, and the server sends a response. Let s look a little bit closer at the structure of a request and a response. Although you won t often have to write these by hand, it s nice to know that these take place in plaintext and that the HTTP protocol is pretty readable. Let s take a quick peek at what the example transaction looks like. First the client sends a request to the server:
GET / HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: Gecko/2009073022 Firefox/3.0.13 (.NET CLR 3.5.30729) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Then the server sends the response to the client:
