Adobe AIR 1.0 hates the ComboBox Component
So, I have been attempting to port some of my older AIR applications to 1.0 recently. While trying to get one of my apps running today I kept receiving the following error when testing (publishing in debug mode):
*** Security Sandbox Violation ***
SecurityDomain ‘app:/my.swf’ tried to access incompatible context ‘http://adobe.com/apollo’
I started removing things and pulling code and trying to troubleshoot the cause of the error. Finally, I pulled the ComboBox component and the error went away. Just for giggles I created a brand new AIR file using the latest and greatest Flash Update, AIR Extension, Flash Player, etc. thinking I must have some sort of legacy file somewhere. I placed nothing but a ComboBox component on the stage and tested it. I got the same error. What I find interesting is that it references Apollo. I am on a Mac (Leopard) so I had a co-worker test on Windows XP. They got the same error. Now, the app plays back fine for the most part but I worry about what might happen down the road… I have a scree record below showing the steps used to get the error. Anyone else experience this strange phenomenon?
April 17th, 2008 at 1:20 pm
This sounds like a bug, and we have logged it (#1618963 in our internal bug base for future reference).
Did you happen to be on the beta for AIR for Flash CS3? Could you have some beta components?
mike chambers
mesh@adobe.com
April 17th, 2008 at 1:34 pm
Also, can you confirm which version of the runtime is being used?
NativeApplication.nativeApplication.runtimePatchLevel
should be equal to 4880. (AIR 1.0)
mike chambers
mesh@adobe.com
April 17th, 2008 at 4:07 pm
Mike, the output trace shows version: 1.0
4880.
-Ben
April 18th, 2008 at 2:41 pm
We tracked this down to an issue in the components / AIR, and have fixed it in internal AIR builds.
In the meantime, Im trying to find out if there is a workaround for the issue which you can use until we update AIR.
Thanks for all of the help with this, and sorry about the hassle…
mike chambers
mesh@adobe.com
April 25th, 2008 at 7:34 am
Great Post!
I’m getting the same result when trying to load sound from a combobox in AIR. I thought it was the loading of the sound that was causing the sandbox violation. Turns out it is the ComboBox.
Good to see that this is getting fixed cause i was tearing my hairs out!
Cheers,
Sidney
May 14th, 2008 at 2:23 pm
Ouch! Dammit .. yes, this is causing me problems too. Thanks for the comprehensive testing – I have no idea how long it might have taken me to diagnose that – probably days. Instead it took 2 minutes on a google …
Any ideas how soon it might be resolved? I spose I should go check the adobe bug lists to see when they might bless the rest of us with their internal fix …
Thanks for the tip – much appreciated.
August 17th, 2008 at 11:05 am
What’s weird is that I was following along with the new Lynda.com title, AIR for Flash Developers, and the guy uses a ComboBox component without even thinking about it. Wonder if he’s privy to the internal builds…
When I deleted the ComboBox and the error went away, I thought that it couldn’t possibly be the ComboBox, could it? But all signs pointed to it…thanks for verifying this and beating me to the bug report!
July 15th, 2009 at 8:47 am
Isn’t the problem located in the List component (which is part of the Combobox component)? The List component throws exactly the same error.
Is this one fixed already? I’m on Flash CS3.
September 20th, 2009 at 11:04 pm
Using default settings, Adobe AIR seems to hate mx.controls.Image too. If you create a new AIR application in Flex Builder, add an Image component (via either code or the design view), then set the source to the path to a local file (again, via either code or the design view), you should be able to see the image in the design view, but it will most likely not appear when you try to run the application. If you run in debug mode, you should see a “Security Sandbox Violation” message in the Console tab—probably especially surprising to anyone who did everything via design view, which displays local images without complaint (at least, it does under default project settings).
According to a security article at the Adobe Web site (http://www.adobe.com/devnet/air/articles/introduction_to_air_security.html), the problem seems to be this:
“Only content loaded directly from the application home directory (via the app:/ URI scheme) can be placed in the application sandbox.”
Of course, I’m using a newer version of Adobe AIR (1.5.2) than the one in the article and I’m also still looking into this issue, but that sounds like it might be the problem. Then again, I’ve seen AIR applications and even Flash-based image uploaders load images from other locations, so perhaps not. What I am certain of, though, is that Adobe’s security sandboxes result in a lot of wasted time.