Undocumented ActionScript Flash Hack - Trace() Statements
(Page 4 of 4 )
You can try to access the methods and properties of the class using trace( ) statements to see what they return. Here, I access the String.fromCharCode( ) method, which I know accepts one numeric argument because it is a documented method:
trace(String.fromCharCode(65)); // Displays: A
However, the listing also includes undocumented classes, such as:
Cookie
setCookie
getCookie
_ _proto_ _
constructor
You’ll have to guess whether a list item is a property or a method, and if it is a method, you might have to guess the expected parameters. For example:
trace(Cookie.getCookie());
displays the following:
Error opening URL "file:///C|/WINDOWS/PROFILES/SHAM%20B/ APPLICATION%20DATA/MACROMEDIA/FLASH%20MX%202004/EN/ CONFIGURATION/Mmfdata/mmfdata3ff9f1df.xml"
which tells me that it is trying to open a particular file even without me specifying a filename as a parameter!
So then I tried to create a cookie using Cookie.setCookie( ):
Cookie.setCookie("footest data");
Then, I tried calling getCookie( ) again:
trace(Cookie.getCookie());
This time, there was no error! So the setCookie( ) method must have successfully stored the file that getCookie( ) was looking for.
So I fished the mmfdata3ff9f1df.xml file out of the folder cited in the preceding error message, opened it in a text editor, and sure enough, it contained my cookie text:
footest data
Buttrace(Cookie.getCookie( ));wasn’t displaying anything in the Output panel, so I checked the datatype of the return value:
trace(typeof Cookie.getCookie());
Sure enough, it displayed “object” in the Output panel, so getCookie( ) was returning an object! A quick for...in loop test displayed the object’s properties, which, not surprisingly, were properties of the XML class (plus a few others). Here is the code confirming the object is an instance of the XML class (although more likely a custom subclass of the XML class). Test it in Flash MX 2004 to see the properties it displays.
Cookie.setCookie("footest data");
result = Cookie.getCookie();
trace (typeof result);
trace (result instanceof XML);
for (props in result) {
trace (props);
}
Decoding the XML structure to recover the original text (“footest data”) specified in the original setCookie( ) call, is left as an exercise for the reader.
Happy hunting!
Final Thoughts
Of course, undocumented features of the Flash Player are undocumented and unsupported for a reason. They may be beta features that don’t work properly or haven’t been thoroughly tested. There is no guarantee that undocumented features will be present in future versions of the Flash Player, so use them with caution. Even if it works on one browser and platform, it might not work on all of them.
 | If you've enjoyed what you've seen here, or to get more information, click on the "Buy the book!" graphic. Pick up a copy today!
Visit the O'Reilly Network http://www.oreillynet.com for more online content. |
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
