You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@flex.apache.org by Frédéric THOMAS <we...@hotmail.com> on 2014/09/27 13:31:40 UTC

[trusted Multi-versioned AIR app] (was RE: [AIR - loadForCompatibility])

Hi all,

Because it could be useful for folks and because the copy / paste in my mailer doesn't often give the expected result, I create a little github repo to host the code and a wiki:

https://github.com/doublefx/trustedMultiVersionedAirDemo

HTH,
Frédéric THOMAS

> From: webdoublefx@hotmail.com
> To: users@flex.apache.org
> Subject: RE: [AIR - loadForCompatibility]
> Date: Fri, 26 Sep 2014 09:50:11 +0100
> 
> And forgot to mention but both the loader and the application needs to be compiled with -includes=mx.managers.systemClasses.MarshallingSupport
> 
> Frédéric THOMAS
> 
> > From: webdoublefx@hotmail.com
> > To: users@flex.apache.org
> > Subject: RE: [AIR - loadForCompatibility]
> > Date: Fri, 26 Sep 2014 09:08:52 +0100
> > 
> > > Was the remote SWF able to make "secure" calls to the server?
> > Remote calls yes, but we're not in https, so, I can't say.
> > 
> > Frédéric THOMAS
> > 
> > > From: webdoublefx@hotmail.com
> > > To: users@flex.apache.org
> > > Subject: RE: [AIR - loadForCompatibility]
> > > Date: Fri, 26 Sep 2014 08:43:01 +0100
> > > 
> > > Hi Alex, 
> > > It works perfectly, remote calls and all the AIR APIs, my app loader is in the last version of the SDK / AIR, it loads the old AIR project SDK 4.6 which in turn loads modules, the goal was to be able to raise the SDK and libs versions avoiding re-installing the application on devices where the users haven't got the admin rights, so, from now, they will do the install of the loader once which in turn will check if there is an updated version of the main app on the server and download it as needed.
> > > Next step is to do with RSLs from the main app to make the app and modules lighter.
> > > Thanks for having given me the clue.
> > > 
> > > Frédéric THOMAS
> > > 
> > > > From: aharui@adobe.com
> > > > To: users@flex.apache.org
> > > > Subject: Re: [AIR - loadForCompatibility]
> > > > Date: Thu, 25 Sep 2014 16:25:56 +0000
> > > > 
> > > > Makes sense.   Thanks for sharing.
> > > > 
> > > > Was the remote SWF able to make "secure" calls to the server?  I was told
> > > > that in some web-apps, the servers check the headers to see if the request
> > > > came from a client served from the same domain and that whatever header
> > > > that is will not be "yourDomain" when the SWF is loaded in this way.
> > > > 
> > > > -Alex
> > > > 
> > > > On 9/25/14 8:34 AM, "Frédéric THOMAS" <we...@hotmail.com> wrote:
> > > > 
> > > > >So, the trick to have an adobe AIR trusted remote multi-versioned
> > > > >application is as shown in this sample code:
> > > > ><?xml version="1.0" encoding="utf-8"?><s:WindowedApplication
> > > > >xmlns:fx="http://ns.adobe.com/mxml/2009"					
> > > > >xmlns:s="library://ns.adobe.com/flex/spark"					
> > > > >preinitialize="preinitializeHandler(event)" showStatusBar="false">
> > > > >	<fx:Script>		<![CDATA[			import mx.events.FlexEvent;
> > > > >			// Get the raw swf			private function launchChildApp():void
> > > > >{				trace("applicationDirectory: " +
> > > > >File.applicationDirectory.nativePath);				trace("applicationStorageDirecto
> > > > >ry: " + File.applicationStorageDirectory.nativePath);
> > > > >				const urlRequest:URLRequest = new
> > > > >URLRequest("http://yourDomain/yourApplication/youRemoteTrustedMultiVerione
> > > > >dAirWindowedApplication.swf");				const urlLoader:URLLoader = new
> > > > >URLLoader();				urlLoader.dataFormat =
> > > > >URLLoaderDataFormat.BINARY;				urlLoader.addEventListener(Event.COMPLETE,
> > > > >urlLoader_completeHandler);				urlLoader.load(urlRequest);			}
> > > > >			private function preinitializeHandler(event:FlexEvent):void {
> > > > >      maximize();				launchChildApp();			}
> > > > >			private function urlLoader_completeHandler(event:Event):void {
> > > > >				const urlLoader:URLLoader = event.currentTarget as URLLoader;
> > > > >				// In isolation because the loaded code may be compile with another
> > > > >flex version.				const applicationDomain:ApplicationDomain = new
> > > > >ApplicationDomain(null);
> > > > >				const lc:LoaderContext = new LoaderContext(false,
> > > > >applicationDomain);				lc.allowCodeImport = true;
> > > > >				swfLoader.loaderContext = lc;				swfLoader.load(urlLoader.data as
> > > > >ByteArray);			}		]]>	</fx:Script>
> > > > >	<s:SWFLoader id="swfLoader" autoLoad="false" trustContent="true"
> > > > >loadForCompatibility="true"				 showBusyCursor="true"
> > > > >scaleContent="false"/>
> > > > ></s:WindowedApplication>
> > > > >
> > > > >Frédéric THOMAS
> > > > >
> > > > >> From: webdoublefx@hotmail.com
> > > > >> To: users@flex.apache.org
> > > > >> Subject: RE: [AIR - loadForCompatibility]
> > > > >> Date: Wed, 24 Sep 2014 13:29:15 +0100
> > > > >> 
> > > > >> 
> > > > >> 
> > > > >> 
> > > > >> My bad, I had to add the listener to LoaderInfo instead of Loader, use
> > > > >>a child applicationDomain instead of a sibling one and instanciate from
> > > > >>the applicationDomain definitions my App before using it.
> > > > >> 
> > > > >> Still exploring...
> > > > >> 
> > > > >> Frédéric THOMAS
> > > > >> 
> > > > >> > From: webdoublefx@hotmail.com
> > > > >> > To: users@flex.apache.org
> > > > >> > Subject: RE: [AIR - loadForCompatibility]
> > > > >> > Date: Wed, 24 Sep 2014 11:37:46 +0100
> > > > >> > 
> > > > >> > Hi Alex,
> > > > >> > So, I gave a try but I'm facing something weird, comment in code:
> > > > >> > The Loader:<?xml version="1.0" encoding="utf-8"?>
> > > > >> > <s:WindowedApplication xmlns:fx="http://ns.adobe.com/mxml/2009"
> > > > >>xmlns:s="library://ns.adobe.com/flex/spark">
> > > > >> > 
> > > > >> >    <s:layout>
> > > > >> >       <s:VerticalLayout/>
> > > > >> >    </s:layout>
> > > > >> > 
> > > > >> >    <fx:Script>
> > > > >> >       <![CDATA[
> > > > >> >         import mx.core.IVisualElement;
> > > > >> > 
> > > > >> >         // Get the raw swf
> > > > >> >         private function launchChildApp():void {
> > > > >> >             const urlRequest:URLRequest = new
> > > > >>URLRequest("http://localhost:8080/mobilityworkspace/App.swf");
> > > > >> >             const urlLoader:URLLoader = new URLLoader();
> > > > >> >             urlLoader.dataFormat = URLLoaderDataFormat.BINARY;
> > > > >> >             urlLoader.addEventListener(Event.COMPLETE,
> > > > >>urlLoader_completeHandler);
> > > > >> >             urlLoader.load(urlRequest);
> > > > >> >         }
> > > > >> > 
> > > > >> >         // load the raw swf into the same security context and
> > > > >>sibling application domain
> > > > >> >         private function urlLoader_completeHandler(event:Event):void {
> > > > >> >             const urlLoader:URLLoader = event.currentTarget as
> > > > >>URLLoader;
> > > > >> > 
> > > > >> >             // In isolation because the loaded code may be compile
> > > > >>with another flex version.
> > > > >> >             const applicationDomain:ApplicationDomain = new
> > > > >>ApplicationDomain(null);
> > > > >> > 
> > > > >> >             const lc:LoaderContext = new LoaderContext(false,
> > > > >>applicationDomain);
> > > > >> >             lc.allowCodeImport = true;
> > > > >> > 
> > > > >> >             // Throws [Fault] exception, information=Error:
> > > > >>addChild() is not available in this class.
> > > > >> >             // Instead, use addElement() or modify the skin, if you
> > > > >>have one.
> > > > >> >             //lc.requestedContentParent = panel;
> > > > >> > 
> > > > >> >             const ldr:Loader = new Loader();
> > > > >> > 
> > > > >> >             // So wait for the COMPLETE Event to affect it to the
> > > > >>panel but
> > > > >> >             // the Event is never fired (and even no other events,
> > > > >>errors).
> > > > >> >             ldr.addEventListener(Event.COMPLETE, ldr_completeHandler);
> > > > >> >             ldr.loadBytes(urlLoader.data as ByteArray, lc);
> > > > >> >         }
> > > > >> > 
> > > > >> >         // Never goes here.
> > > > >> >         private function ldr_completeHandler(event:Event):void {
> > > > >> >             const ldr:Loader = event.currentTarget as Loader;
> > > > >> >             panel.addElement(ldr.content as IVisualElement);
> > > > >> >         }
> > > > >> >         ]]>
> > > > >> >    </fx:Script>
> > > > >> > 
> > > > >> > 
> > > > >> >    <s:Button label="Launch child application"
> > > > >>click="launchChildApp()"/>
> > > > >> > 
> > > > >> >    <s:Panel id="panel" width="100%" height="100%"/>
> > > > >> > 
> > > > >> > </s:WindowedApplication>
> > > > >> > 
> > > > >> > The App:<?xml version="1.0"?>
> > > > >> > <s:Group xmlns:fx="http://ns.adobe.com/mxml/2009"
> > > > >> >                   xmlns:s="library://ns.adobe.com/flex/spark">
> > > > >> >    <fx:Script>
> > > > >> >       <![CDATA[
> > > > >> >         import mx.controls.Alert;
> > > > >> >         ]]>
> > > > >> >    </fx:Script>
> > > > >> >    <s:Button click="Alert.show('Hello, world')" label="Say Hello"/>
> > > > >> > </s:Group>
> > > > >> > 
> > > > >> > Do you know why I can't reach ldr_completeHandler ?Frédéric THOMAS
> > > > >> > 
> > > > >> > > From: webdoublefx@hotmail.com
> > > > >> > > To: users@flex.apache.org
> > > > >> > > Subject: RE: [AIR - loadForCompatibility]
> > > > >> > > Date: Tue, 23 Sep 2014 22:20:35 +0100
> > > > >> > > 
> > > > >> > > Alight, thank you Alex
> > > > >> > > 
> > > > >> > > Frédéric THOMAS
> > > > >> > > 
> > > > >> > > > From: aharui@adobe.com
> > > > >> > > > To: users@flex.apache.org
> > > > >> > > > Subject: Re: [AIR - loadForCompatibility]
> > > > >> > > > Date: Tue, 23 Sep 2014 21:03:39 +0000
> > > > >> > > > 
> > > > >> > > > 
> > > > >> > > > 
> > > > >> > > > On 9/23/14 1:56 PM, "Frédéric THOMAS" <we...@hotmail.com>
> > > > >>wrote:
> > > > >> > > > 
> > > > >> > > > >> Essentially, this trick makes remote content local.  It can
> > > > >>make remote
> > > > >> > > > >> calls, but the headers will be the same as if you coded
> > > > >>URLLoader in the
> > > > >> > > > >> main AIR app not as if it was a web-app served by the domain's
> > > > >>server.
> > > > >> > > > >
> > > > >> > > > >If it means the loaded swf is perceived as or is in the local
> > > > >>application
> > > > >> > > > >sandbox / security context, I guess it can do the trick moving
> > > > >>the rest
> > > > >> > > > >of the code in a module downloaded by the loaded swf, thought ?
> > > > >> > > > AIUI, you can keep "importing" swfs into the application sandbox,
> > > > >>but the
> > > > >> > > > servers that they came from will not see the same headers as if
> > > > >>it was a
> > > > >> > > > web app from that server and will respond differently, often by
> > > > >>returning
> > > > >> > > > failure.
> > > > >> > > > 
> > > > >> > > > If you download remote.swf and load bytes it, and it just uses
> > > > >>Loader to
> > > > >> > > > run anotherremote.swf, anotherremote.swf is loaded into a sandbox
> > > > >>and
> > > > >> > > > cannot access the remote.swf.  Remote.swf would also have to use
> > > > >>the load
> > > > >> > > > bytes trick in order for anotherremote.swf to talk directly to
> > > > >>each other.
> > > > >> > > > 
> > > > >> > > > -Alex
> > > > >> > > > 
> > > > >> > >  		 	   		  
> > > > >> >  		 	   		  
> > > > >> 
> > > > >>  		 	   		  
> > > > > 		 	   		  
> > > > 
> > >  		 	   		  
> >  		 	   		  
>