Anyone know how to sitlock on as2

9 posts (showing 1-9)
eanjo7

Market Level 6Community Level 4
344 posts

I research over the net and cant find simple sitelocking code for as2

any help will very much appreciated! thanks in advance! :)

posted 2015-04-15T15:47:03-07:00
b10b

Market Level 4Community Level 7
970 posts

The method we used to use ...

Feed in an array of domains as strings, returns boolean of whether current host is allowed.

I have no idea how reliable this is?

[as2]
function isDomainAllowed( domains )
{
    var protocol = _url.substr( 0, _url.indexOf( ":" ) );
    if ( protocol == "http" )
    {
        var slashCount = _url.indexOf( "//" );
        var host = _url.substr( slashCount + 2, _url.indexOf( "/", slashCount + 2 ) - slashCount - 2 );
        host = host.toLowerCase();
        for ( var i in domains )
        {
            var domain = domains[i].toLowerCase();
            if ( domain == host )
            {
                return true;
            }
        }
    }
    return false;
}
[/as2]

 

posted 2015-04-15T16:11:39-07:00 | edited 2015-04-15T16:15:57-07:00
eanjo7

Market Level 6Community Level 4
344 posts

okay thanks! will try that :D

posted 2015-04-16T13:59:19-07:00
JohnBlackburne

Market Level 3Community Level 10
2184 posts

You probably need to change that to also check for https as well as http, as more and more sites now are secured by it including this one.

posted 2015-04-16T18:35:53-07:00
b10b

Market Level 4Community Level 7
970 posts

Yes, good spot ... probably return true for ( protocol == "file" ) too to save hassle at build and debug time.

posted 2015-04-17T04:05:02-07:00
eanjo7

Market Level 6Community Level 4
344 posts

well I manage to work it on 

this 100% working..

urls_allowed = [ "*.yoursite.com" , "www.flashgamelicense.com" ]

showGame = false;

sitelock(urls_allowed);

function sitelock(urls_allowed) {

for ( i = 0; i< urls_allowed.length-1; i++ ) {

if (_root._url.indexOf(urls_allowed[i]) != -1) {
showGame = true;
trace( urls_allowed[i] + " " + showGame )
}
}

if ( showGame == false )
{
_root._alpha = 0;
stop()
}

}

posted 2015-04-17T04:09:49-07:00
b10b

Market Level 4Community Level 7
970 posts

However, that looks like it could be easily spoofed (eg. by putting an allowed domain at the end of the url).

posted 2015-04-17T05:29:52-07:00
JohnBlackburne

Market Level 3Community Level 10
2184 posts

b10b said:

Yes, good spot ... probably return true for ( protocol == "file" ) too to save hassle at build and debug time.

You could just have two arrays, one of domains and one of protocols, so you could e.g. have http: for some sites, https: for others (or both by having two entries for a domain). As for testing I run a web server on this machine and access it via http://localhost/...

posted 2015-04-17T13:39:32-07:00
jjwallace

Market Level 7Community Level 17
4715 posts

I use secureSWF to site lock, it is pretty nice software...

posted 2015-05-05T21:10:27-07:00