The FileAttributes tag is new to version 8. It must be present in all movies version 8 and over. It must be the very first tag in the SWF movie. It should be unique (other instances will be ignored.)
The f_has_metadata flag shall be set to 1 whenever the movie includes a Metadata tag.
The f_allow_abc flag shall be set to 1 to give the player the right to execute DoABC scripts (this is a version 9 flag, in version 8, keep it set to 0.)
The f_suppress_cross_domain_caching must have some effect over the caching of some things... (version 9+)
The f_swf_relative_urls means that URLs specified in the movie are relative to the URL where the movie was loaded from. (version 9+)
The f_use_network flag needs to be set to 1 in order for the movie to be given the right to access the network. By default, a local movie will be allowed to load other local movies but nothing from the network.
NOTES
I'm not registered as a security expert. However, this tag does not solve any security issues. It is a mimic just like the Protect, ProtectDebug and ProtectDebug2 tags. If you are playing a flash animation from a hacker, the fact is that it can include anything it wants and hack your system if the player has a flaw. Only a player without any flaws will be safe.
Comments
FileAttributes tag not required
Based on my experiments, FileAttributes tag is not required for any version of SWF; in fact, its contents appear to be ignored (e.g. disabling f_allow_abc doesn't change the behavior of Flash files containing DoABC tags). I reached this conclusion by creating different copies of a Flash file, where I removed the tag, changed the tag's contents, etc., and saw that these Flash files play exactly the same as the original.
This could be because the SWF version byte (at offset +3 in the file) apparently doesn't work the way one would expect: you would think that a Flash Player wouldn't attempt to load a Flash file with a bigger version than the Player knows how to support, but any large number there is accepted. Instead, the only effect of SWF version appears to be that newer tags aren't accepted when the version number is before the first version that supported that tag. For example, Flash files containing DefineBinaryData stop working if I set the SWF version byte to some number < 9.
This behavior is of course bizarre, and fairly useless as version control goes.
Post new comment