Can't load swf from an external domain #170

extempl opened this Issue Jun 6, 2013 · 4 comments


None yet
2 participants

extempl commented Jun 6, 2013

It loads, but don't work.
On hover it throws an error:

Uncaught Error: Error calling method on NPObject. ZeroClipboard.js:179
    ZeroClipboard.setSize ZeroClipboard.js:179
    ZeroClipboard.reposition ZeroClipboard.js:258
    ZeroClipboard.setCurrent ZeroClipboard.js:163
    _elementMouseOver ZeroClipboard.js:36

The same thing happens when I try load it from base64 (btw, is it real?)

extempl commented Jun 7, 2013

Already tried it. It's don't work.


JamesMGreene commented Jun 7, 2013

Your problem is that you are including the SWF from a secure domain (HTTPS) and trying to script it from an insecure domain (HTTP). This is intentionally not supported for security's sake.

You can do a few things:

  1. In the trustedDomains option, begin your domain name with the protocol explicitly listed, e.g. This actually should not work if Flash security is working correctly but I've never verified it.
  2. Request the SWF from S3's HTTP protocol instead of HTTPS. If the page's protocol can vary (e.g. auth/unauth, staging/production, etc.), you should include add the SWF with a relative protocol (//s3...) instead of an absolute protocol (https://s3...).
  3. Serve the page over HTTPS. See the note on (2) if the protocol will need to vary.
  4. Change the ActionScript to call the allowInsecureDomain method, then recompile the SWF with your custom changes.

JamesMGreene commented Jun 10, 2013

We should add this clarification to the docs, I thought it was already stated somewhere. My bad.

JamesMGreene reopened this Jun 10, 2013

JamesMGreene was assigned Jun 10, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment