Flash limitations

Macromedia Flash player has an extensive list of checks, restrictions and features in order to ensure that Macromedia Flash content is secure and safe.

These include:

• The ability to use the encryption capabilities of the browser, including SSL, to encrypt all communications between a Macromedia Flash movie and the server
• An extensive sandbox security system that limits transfer of information that might pose a risk to security or privacy.
• Macromedia Flash player does not allow web content to read data from the local drive except for SharedObjects that were created by that domain.
• Macromedia Flash player cannot write any data to the disk except for data that is encapsulated in SharedObjects.
• Macromedia Flash player does not allow web content to read any data from a server that is not from the same domain unless that content explicitly allows access. See also: Loading data across domains.
• Macromedia Flash player does not allow web content to place more that 100k of data on the local disk from a single domain.
• Macromedia Flash player enables the user to disable the storage of information for any domain.
• Macromedia Flash player does not allow data to be sent from a camera or microphone unless the user gives permission for a domain.

• All operations require an exact domain match. Similar domains, such as www.mysite.com and store.mysite.com, are no longer considered a match. Domains must now match exactly.
• Macromedia Flash movies served over HTTP (or other insecure protocols) are no longer allowed to access movies or data served over HTTPS.