To edit the Flash Security settings for your computer, click the link below. Yes, it's a bit weird that a website will make changes to your local machine, but that’s the way it works.
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.html
The most common use I have found for this tool is when you are testing a SWF locally in Safari (this trick won’t work for Firefox) and you see a bunch of icons instead of the video. Adobe’s official statement is you must view videos from a server when you have embedded an FLV using Dreamweaver, which uses the FLVPlayer_Progressive swf to play your video.
When using the above too, simply add your local folder to the list of trusted areas.
The standard Dreamweaver way of embedding Flash doesn't always work, especially when trying to communicate with JavaScript as in this example. In fact, Adobe now recommends using SWFObject to embed SWF's.
There are two methods of placing a SWF on your page with SwfObject: Static or Dynamic publishing. The method that I always use is Dynamic publishing.
You can either copy swfobject.js from Google and put it on your site, or reference a copy from the CDN as shown on line five. The last line of the script will actually place the Flash (swf) file onto the page dynamically. You need to tell it the name and location of the SWF file (temperatureDial.swf in this example) the name of the DOM element that the swf will be placed into (tempGauge), the width and height (550 x 400), version of Flash Player, and finally any variables, Flash operating parameters, and DOM attributes.
<div id="tempGauge">
<p>A temperature gauge would display here if your browser could play Adobe Flash files.</p>
</div> <!-- These script lines can appear anywhere in the page, but directly beneath the </body> tag is a good place. --> <script src="http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js" type="text/javascript"></script> <script type="text/javascript"> var flashvars = {}; var params = { wMode: "transparent", allowScriptAccess: "always", allowFullScreen: true}; var attributes = { id: "flashGauge", name: "flashGauge", style: "outline:none"};
swfobject.embedSWF("temperatureDial.swf", "tempGauge", "550", "400", "9.0.0", "expressInstall.swf", flashvars, params, attributes);
</script>
The most general purpose way to get Flash and JavaScript to talk to each other is with the Flash class "ExternalInterface". An example of the ActionScript 3.0 code you need to place in your *.as file is:
import flash.external.ExternalInterface;
function myFlashFunction():void {
ExternalInterface.call('jsSetTemp',celsius); /* In this example, jsSetTemp is the name of a JavaScript function on your web page. */
}
A temperature gauge would display here if your browser could play Adobe Flash files.
The current temperature is 50.0.
To send a message to Flash (in other words, to call a Flash function) your JavaScript inside your web page would look like this:
document.getElementById("flashGauge").asMoveNeedle(newTemp);
Notice that you must first get a reference to the SWF file (via getElementById("flashGauge")) and then call the ActionScript function name, in this case, asMoveNeedle.
For a better description of how this works, and a neat demo, checkout Circlecube.com
Outbound scripting and URL access (using HTTP URLs, mailto:, and so on) are achieved through use of the following ActionScript 3.0 APIs:
The flash.system.fscommand() function
The ExternalInterface.call() method
The flash.net.navigateToURL() function
For SWF files running locally, calls to APIs are successful only if the SWF file and containing web pages are in the locally trusted security sandbox. Calls to these methods fail if the content is in the local-with-networking or local-with-file system sandbox.
The AllowScriptAccess parameter in the HTML code that loads a SWF file controls the ability to perform outbound URL access from within the SWF file. Set this parameter inside the PARAM or EMBED tag. If no value is set for AllowScriptAccess, the SWF file and the HTML page can communicate only if both are from the same domain.
The AllowScriptAccess parameter can have one of three possible values: "always," "sameDomain," or "never:"
When AllowScriptAccess is "always," the SWF file can communicate with the HTML page in which it is embedded. This rule applies even when the SWF file is from a different domain than the HTML page.
When AllowScriptAccess is "sameDomain," the SWF file communicates with the HTML page it's embedded in only when the SWF file is from the same domain. This value is the default value for AllowScriptAccess. To prevent a SWF file hosted from one domain from accessing a script in an HTML page on another domain, use this setting. Or, because this is the default, simply don't set a value for AllowScriptAccess.
When AllowScriptAccess is "never," the SWF file cannot communicate with any HTML page. Using this value is deprecated and not recommended, and is unnecessary if you don't serve untrusted SWF files from your own domain. If it is necessary to serve untrusted SWF files, Adobe recommends that you create a distinct subdomain and place all untrusted content there.