Determining a Flex application’s current security sandbox type

The following example shows how you can determine the current security sandbox type for a Flex application by checking the static, read-only Security.sandboxType property. You can also check for specific sandbox types by comparing the sandboxType property to the static constants in the Security class (LOCAL_TRUSTED, LOCAL_WITH_FILE, LOCAL_WITH_NETWORK, and REMOTE).

Full code after the jump.


<?xml version="1.0" encoding="utf-8"?>
<!-- -->
<mx:Application xmlns:mx=""

            private function init():void {
                switch (Security.sandboxType) {
                    case Security.LOCAL_TRUSTED:
                        sandboxLabel.text += " (Local trusted)";
                    case Security.LOCAL_WITH_FILE:
                        sandboxLabel.text += " (Local with file)";
                    case Security.LOCAL_WITH_NETWORK:
                        sandboxLabel.text += " (Local with network)";
                    case Security.REMOTE:
                        sandboxLabel.text += " (Remote)";

        <mx:FormItem label="Security.sandboxType:" fontSize="16">
            <mx:Label id="sandboxLabel" text="{Security.sandboxType}" />


View source is enabled in the following example.

4 thoughts on “Determining a Flex application’s current security sandbox type

  1. Peter, what would be a use-case for this? The only thing I can think of is automatically switching between a live url or a test url (for local dev’ that is).

    BTW, where’s the RSS or subscribe feature for comments? :-D (not that I can really talk but figured I’d ask)

  2. Their isn’t a valid use case for this example specifically. But I’m working on the security feature and the loading rules are different for each of the 4 sandbox types.
    Typically when you build an application you’d know where it is being deployed though.

    RSS for comments? There are two. Look in the footer for the site-wide comments, where it says “powered by WordPress and Redoable 1.2”. The link is
    If you want RSS for a specific entry, look below the lone Google ad around the entry comments. There should be an orange RSS icon which says “Feed for this Entry”, or, it looks like you can just append “/feed/” to the end of the URL. So for this specific entry it’d be:


  3. One such use-case that I just ran into involved checking the sandbox type to know whether to pass a SecurityDomain to a LoaderContext. This worked nicely to allow me to fork the LoaderContext logic when running the SWF from the filesystem as opposed to a server.

  4. hi
    i want to devlope Banking Application on Flex so how can security is handled in flex about user personal detail,credit card number,password and all that?
    how can i achive this in flex?
    i have SOAP response

Comments are closed.