Fix for cross-domain ExternalInterface 'Unspecified error'

Making a note of this here because I don’t see it in any of the docs.

When using ExternalInterface cross-domain (i.e. the swf and JS are on different domains) you may get an ‘Unspecified error’ message in IE. Debugging in Visual Studio gives an ‘unknown exception’ in the return statement of this function:

function __flash__addCallback(instance, name) {
instance[name] = function () {
return eval(instance.CallFunction("" + __flash__argumentsToXML(arguments,0) + ""));
}
}

The fix is to add

System.security.allowDomain("*");

in your AS code. ExternalInterface requires the allowDomain to be set when HTML-SWF cross-scripting is performed even though it’s local to your browser. Thanks to my co-worker Sean Neville for this information.

(Note that you will also need to set allowScriptAccess="always" in the swf embed tags to allow cross-scripting)

11 Responses

  1. I have a problem, maybe you can help me on this. I’m making an application where I have my swf and js files being referenced on my clients html, the idea is that the swf will communicate with my server and call a javascript function to write new html content in my customer’s html.
    When the three (HTML, swf and JS) are located in the same domain it works perfectly but when I make the test by “calling” my swf and js from an html page located on a different domain I get “Unspecified error” even when I added the System.security.allowDomain(“*”); in my AS code.
    Can you please give me some ideas?
    Thanks.
    Allan

  2. Poonam says:

    Hi Allan,

    I am facing the problem as yours. Did you get any solution to the problem? Could you please share that with me too?

    Thanks a lot for all your help.

    Thanks,
    Poonam

  3. Petr says:

    I have the same problem. Any solution?

    Thanks,
    Petr

  4. Adam Todd says:

    Thanks for that Felix/Sean that little nugget of information just saved the day.

  5. mike randolph says:

    thx felix, just fixed my issue (again) :-)

  6. Technolojik says:

    nice article, thank you

  7. matt says:

    many thanks.

  8. James says:

    Oh thank you thank you thank you.

    I woulda thought ‘*.domain.com’ would work, but no, I needed just ‘*’

  9. TroyWorks says:

    FYI it’s now Security.allowDomain(“*”); not System.security.

  10. Artem K. says:

    I battled this issue for days now. The problem: function names!!!!!

    Check this site out:
    http://blog.warptube.com/2008/12/2/oddities-with-externalinterface-and-ie

    A really ugly issue with ExternalInterface can come up with naming your functions. You’re code will throw an error in code that looks something like:

    function __flash__addCallback(instance, name) {
    instance[name] = function () {
    return eval(instance.CallFunction(“” +
    __flash__argumentsToXML(arguments,0) + “”));
    }
    }

    If you use: play, stop, tags, item, length, and likely some others I’m unaware of you will get an error inside Adobe’s JavaScript hook code. What’s happening is you inadvertently are screwing with some read only attributes of some IE functionality which is causing things to grind to a halt. My solution is to just prepend all my addCallback routines with an underscore.

  11. Ant says:

    I have this self same problem and have set the domain access to all (*) and the allow scripts param on the swf object. Looking at the innerhtml generated by swfobject i can see that the correct params have been added to the object element. Ideally I would like to debug from the js into the as (using CS3 at the moment). Anyone had any luck with this, or any suggestions on how this can be ressolved?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>