Simple way to protect your SWF from being ripped
When making a Flash component most of us try to make it as dynamic as possible, often to using XML to configure and feed the application. I personally sell small Flash components on FlashDen that all use XML to get image addresses or global settings. The FlashDen website requires you to submit a preview file to show how the application works, but in most cases this also gives you the key to the product. Although the SWFs are obfuscated, you still can download the XML and the swf, fill the XML with your own data and use it without purchasing the source. In order to prevent this one of the FlashDen member (Alex Pica) wrote a class to check the current domain and returns a false Boolean if the file is not on the right domain. The AS 2.0 class by Alex Pica:
/** * @author Alex PICA * @version 1.0 * * Class: FlashDenPreviewFileProtection * Description: I made this class to prevent the theft of the preview files from flashden.net */ import mx.utils.CollectionImpl; import mx.utils.IteratorImpl; class net.alexandrup.common.FlashDenPreviewFileProtection { //this var will be set to true when compiling preview files public static var IsPreviewFile:Boolean = false; /** * Tests if the current SWF file is stolen * @return TRUE if it is a stolen swf */ public static function isStolenSWF():Boolean { //do not check if this is the fullversion file if (IsPreviewFile === false) return false; var _domain:String = (new LocalConnection()).domain(); var _allowedDomainList:CollectionImpl = new CollectionImpl(); //------- add here all strings that would have to be found in allowed domain names --------o _allowedDomainList.addItem("flashden"); _allowedDomainList.addItem("localhost"); //add localhost and 127.0.0.1 to be able to run locally _allowedDomainList.addItem("127.0.0.1"); //--------------------------------------------o var _it:IteratorImpl = IteratorImpl(_allowedDomainList.getIterator()); while (_it.hasNext()) { if (_domain.toLowerCase().indexOf(_it.next().toString().toLowerCase(), 0) > -1) { return false; } } return true; } //private constructor to prevent instantiation private function FlashDenPreviewFileProtection() { }; } Just copy/paste it and change the package to whatever you like. Usage: net.alexandrup.common.FlashDenPreviewFileProtection.IsPreviewFile = true; if (!net.alexandrup.common.FlashDenPreviewFileProtection.isStolenSWF()) { this.Init();//here is where you initialize your application } else { var txt:TextField = _root.createTextField("err_txt", 1, 0, 0, Stage.width, Stage.height); txt.multiline = true; txt.textColor = 0xFF0000; txt.text = "This file is stolen from www.flashden.net."; }
AS3 Rewrite by me:
/** * @author Boy Carper - Toybot Interactive * @version 1.0 * * Class: FlashDenPreviewFileProtection * Description: This is a AS3 rewrite of the original AS2 class by Alex PICA. * The class prevents the theft of the preview files from flashden.net * * Usage: var loader:URLLoader = new URLLoader(); FlashDenPreviewFileProtection.addAlowedDomain("www.flashden.com"); FlashDenPreviewFileProtection.addAlowedDomain("flashden.com"); FlashDenPreviewFileProtection.addAlowedDomain("localhost"); FlashDenPreviewFileProtection.addAlowedDomain("127.0.0.1"); if(!FlashDenPreviewFileProtection.isStolenSWF(root)) loader.load(new URLRequest("pathtoyourxml.xml")); * * */ package com.toybot.flashden { public class FlashDenPreviewFileProtection { private static var _isPreviewFile:Boolean = true; private static var _allowedDomains:Array = new Array(); public static function isStolenSWF(_root:Object):Boolean { var i:int; for(i=0;i<_allowedDomains.length;i++) { if(String(_root.loaderInfo.url).indexOf(_allowedDomains[i])!=-1) return false } return true; } public static function addAlowedDomain(domain:String):void { _allowedDomains.push(domain); } } }
The examples are focussed on the flashden domain, but can of course be used for any domain.
Filed under Actionscript 3 |7 Responses to “Simple way to protect your SWF from being ripped”
Leave a Reply
You can do this automatically and more securely using secureSWF’s Encrypted Domain Locking feature. Your domain list will be securely encrypted and the code that checks for the domains will be obfuscated (as well as all your code) so it cannot be altered or removed.
Yeah that is great except that “AS3 isn’t currently supported”. But for FlashDen authors such a tool is not needed because FlashDen hanldes the obfuscating.
That sounds great!
The only thing left to do for me now is learn howto make dynamic Flash
I don’t understand much of this code and where should I insert it … maybe you can point me exactly where Alex has written about this tehnique.
Thanks
http://flashden.net/forums/thread/stealing-preview-swf-files/3706?page=1#32077
[...] informatie vind je hier: Over toegang tot flickr Adobe livedocs Over de policyfile Please [...]
Hello!
Very Interesting post! Thank you for such interesting resource!
PS: Sorry for my bad english, I’v just started to learn this language
See you!
Your, Raiul Baztepo