nw-flash-trust
Advanced tools
Flash Player trusted locations manager for NW.js and Atom Electron
Cross-platform solution for NW.js and Electron to make your Flash plugins trusted, so they can run smoothly.
NW.js uses local file:// protocol to render pages. Unfortunately, for security reasons Flash Player doesn't like SWFs embedded locally and applies very restrictive policy to them. Such SWF lands in one of two possible local sandboxes, and communication via ExternalInterface is blocked.
Fortunately there is officially supported way of making your local SWF trusted, so previously mentioned restrictions don't apply. Full explanation can be found in Adobe Flash Player Administration Guide.
Long story short: you have to put text file in special directory provided by Flash Player and save to this file paths of SWFs you want to be trusted. This library provides cross-platform API for doing just that.
npm install nw-flash-trust
For simplicity API is fully synchronous. It does a little of I/O, but so little it shouldn't be an issue.
var path = require('path');
var flashTrust = require('nw-flash-trust');
// appName could be any globally unique string containing only
// big and small letters, numbers and chars "-._"
// It specifies name of file where trusted paths will be stored.
// Best practice is to feed it with "name" value from your package.json file.
var appName = 'myApp';
// Initialization and parsing config file for given appName (if already exists).
var trustManager = flashTrust.initSync(appName);
// Alternatively you can provide a custom flash config folder for initialization.
// This is useful for example if you use Atom Electron and a PPAPI flash plugin (like Pepper Flash),
// as the flash config folder in this case would be in the Atom Electron data path folder.
var trustManager = flashTrust.initSync(appName, '/yourApp-data-path/Pepper Data/Shockwave Flash/WritableRoot');
// adds given filepath to trusted locations
// paths must be absolute
trustManager.add(path.resolve('path-to', 'file.swf'));
// whole folders are also allowed
trustManager.add(path.resolve('path-to', 'folder'));
// removes given path from trusted locations
trustManager.remove(path.resolve('path-to', 'file.swf'));
// returns true or false whether given path is trusted or not
var isTrusted = trustManager.isTrusted(path.resolve('path-to', 'file.swf'));
// returns array containing all trusted paths
var list = trustManager.list();
// removes all trusted locations from config file
trustManager.empty();
MIT
FAQs
Flash Player trusted locations manager for NW.js and Atom Electron
The npm package nw-flash-trust receives a total of 4 weekly downloads. As such, nw-flash-trust popularity was classified as not popular.
We found that nw-flash-trust demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious Go packages are impersonating popular libraries to install hidden loader malware on Linux and macOS, targeting developers with obfuscated payloads.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.