First ‘Apollo’ App (finally)

When the Apollo alpha was first released a few weeks back, I began working on an application which would allow the user to drag a photo into a canvas area, and then present drawing tools to modify the photo and save it to the hard drive. Certain functionality such as drag and drop support is not yet available in the alpha release, so I’ve modified the project into what I call “HTML Snapshot Saver”.

This new module will allow a user to navigate to the website of their choice, make some quick sketches or notes over the page itself, and then save that image as a jpg to their documents folder. I can see possible uses for something like this in troubleshooting scenarios but this is mostly just a learning experience for my self. This is version .5 of the application because there is some functionality that I have not built into the thing yet. In any case, you can download it below.

Apollo Security Sandbox

The documentation released along with the Apollo downloads is tremendous. Brushing through on a basic level, I’ve found the following item of interest:

SWF files installed with Apollo applications do not need to look for cross-domain policy files. Capabilities that normally require another SWF file to grant access by calling the Security.allowDomain() method are not restricted to SWF files installed in Apollo applications.

This sounds very good. I’ve always found Flash Player security a bit restrictive. No other platform that I’m aware of has such tight rules about reading crossdomain data.

It is also stated that:

All other resources—those that are not installed with the Apollo application—are put in the same security sandboxes as they would be placed in if they were running in Flash Player in a web browser. Remote resources are put in sandboxes according to their source domains, and local resources are put in the local-with-networking, local-with-filesystem, or local-trusted sandbox.

So I guess I am pretty confused at this point… these statements seem to be in conflict with one another. I’ll have to build some sample apps to sort this out for myself.

EDIT: After toying around with Apollo and reading further into the documentation, my perception is that Flash content built with Apollo has a certain set of security features, while SWF files loaded into an Apollo application have a similar but different set of features.