• Stars
    star
    107
  • Rank 323,587 (Top 7 %)
  • Language
    JavaScript
  • Created over 14 years ago
  • Updated over 8 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Cross-domain flash cookie library for javascript. ~ 4kb total when JS is minified and gzipped.

SwfStore

SwfStore is a JavaScript library for cross-domain flash cookies. It includes a .swf file that handles the storage and a JavaScript interface for loading and communicating with the flash file.

Working example: https://nfriedly.github.io/Javascript-Flash-Cookies/ and http://nfriedly.com/stuff/swfstore-example/

Bower package Build Status


Security Warning

The default storage.swf allows any website to read the data in your flash file. You should avoid storing private information in it. It would be wise to edit and recompile the flash file to limit itself to your domain and http/https settings. (See src/Storage.as around line 93.) You can do this yourself with Adobe Flash or the Apache Flex SDK (free) or I can do it for you for $5 - email me for details.

Also, versions older than 1.9.1 are vulnerable to a XSS attack and should not be used.

Compatibility

Selenium Test Status (It also should work in older IE and Safari's, but the tests don't.)

Requires Flash Player 9.0.31.0 or newer. Should be compatable with nearly all desktop browsers, assuming the user has Adobe Flash installed (or it's Google Chrome, which has flash player built in). Very few mobile browsers/devices support flash.

Installation

Via Bower:

bower install --save flash-cookies

Or install via npm (for use with browserify:

npm install --save flash-cookies

Usage Notes

Ensure that the storage.swf file is available, Browserify won't make it public by default.

Certain built-in keys such as hasOwnProperty cannot be overwritten in actionscript. A future version may detect this and throw an error.

Most mobile devices will not work due to lack of flash support.

Basic Usage

// this should run on DOMReady, or at least after the opening <body> tag has been parsed.
var mySwfStore = new SwfStore({
  namespace: "my_cool_app",
  swf_url: "//example.com/path/to/storage.swf",
  onready: function() {
    mySwfStore.set('key', 'value');
    console.log('key is now set to ' + mySwfStore.get('key'));
  },
  onerror: function(err) {
    console.error(err.message);
  }
});

A more thorough example is also available at http://nfriedly.com/techblog/2010/07/swf-for-javascript-cross-domain-flash-cookies/

Configuration options

  • swf_url: URL to included storage.swf file. All sites/pages using SwfStore should have the exact same url here for cross-domain usage, and it should be a protocol-relative url (just // instead of http:// or https://) for cross-protocol usage.
  • namespace: Namespace used both internally for the JS object and for the LocalStorage Object (cookie). May contain forward slash (/) but all other special characters will be replaced with _
  • debug: Set to true to log debug information to the browser console (Automatically creates a logging <div> on the page if no console is available.)
  • timeout: Number of seconds to wait before concluding there was an error. Defaults to 10.
  • onready: Callback function to fire once SwfStore is loaded and ready. No arguments.
  • onerror: Callback function to fire in the event of an error. Passes an Error object as the first argument.

API

Instance methods:

  • get(key): Returns the value for key as a String or null if the key is not set.
  • set(key, value): Sets key to value.
    • Note: setting a key to null or undefined is equivalent to clear()ing it.
  • clear(key): Deletes the value for key if it exists.
  • getAll(): Returns a Object in the form of {key: value} with all data stored in the .swf.
  • clearAll(): Clears all data from the .swf.
  • ready: Boolean to indicate whether or not the .swf has loaded and is ready for access.
    • Note: providing an onready callback to the config is recommended over checking the .ready property.

Troubleshooting

  • Be sure the urls to the .swf file and .js file are both correct.
  • If the .swf file is unable to communicate with the JavaScript, it will display log messages on the flash object. If debug is enabled, this should be visible on the page.
  • To hide the flash object and disable the log messages appending to the bottom of the page, set debug: false in the configuration options. (Log messages are added to a <div> if no browser console is available).
  • If the user does not have flash installed, the onerror function will be called after a (configurable) 10 second timeout. You may want to use a library such as Flash Detect to check for this more quickly. Flash Player 9.0.31.0 or newer is required.
  • If you pass a non-string data as the key or value, things may break. Your best bet is to use strings and/or use JSON to encode objects as strings.
  • If you see the error `uncaught exception: Error in Actionscript. Use a try/catch block to find error., try using // in the .swf URL rather than https://. See #14 for more information.
  • Do not set display:none on the swf or any of its parent elements, this will cause the file to not render and the timeout will be fired. Disable debug and it will be rendered off screen.
  • The error this.swf.set is not a function has been known to occur when the FlashFirebug plugin is enabled in Firefox / Firebug.
  • This library is not sutable for storing large amounts of data because the .swf is normally rendered off screen and thus there is no way for the user to respond to Flash's prompt to increase the storage limit.

File Details

storage.swf is the compiled flash file ready to be embedded in your website. Note the security warning above.

swfstore.min.js - a copy of swfstore.js, minified for your convenience. This and a copy of storage.swf should be all you need to use this on a production website.

swfstore.js handles the interaction between javascrpt and flash, it also handles embedding and some basic error checking.

Storage.as is where all the magic happens. It maps an External Interface to a Local Storage Object. I'm no expert when it comes to Flash / ActionScript, but it should be reasonably well documented and fairly safe.

The storage.fla is essentially just an empty shell file that points to Storage.as as it's main class.

See example/index.html for a working example that you can put on your site.

Compiling

.js

This project uses UglifyJS2 via the Grunt plugin. Setup:

  • Install Node.js
  • Install Grunt globally: npm install -g grunt
  • cd into the project directory and install the dependencies: npm install
  • Run grunt uglify to "compile" (minify) the JavaScript.

.swf

This .swf can be compiled using Adobe Flash (paid) or the Apache Flex SDK (free).

With Adobe Flash, open src/storage.fla and export it to dist/storage.swf

Grunt is set up to use Apache Flex via the grunt-swf plugin. The plugin is installed via the standard npm install but the SDK must be installed separately.

See flex-sdk/instructions.md or https://github.com/nfriedly/grunt-swf#installing-the-apache-flex-sdk for more details on installing the Flex SDK.

Then run grunt swf to compile the .swf.

Tip: grunt build will compile both the .js and the .swf.

(Note: on Windows, Git Bash may give better results than the windows command prompt.)

Contributors

Release process

  • Update the the changelog in the readme
  • Compile anything that's changed (see the Compiling section above)
  • Commit everything
  • Run npm version [major | minor | patch ] with the appropriate flag (Ssee http://semver.org/ for details)
  • Push to Github - Travis CI will automatically run tests and publish when appropriate

To Do

Changelog

See history.md

MIT License

Copyright (c) 2010 by Nathan Friedly - http://nfriedly.com

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

More Repositories

1

node-unblocker

Web proxy for evading internet censorship, and general-purpose Node.js library for proxying and rewriting remote webpages
JavaScript
391
star
2

set-cookie-parser

Parse HTTP set-cookie headers in JavaScript
JavaScript
154
star
3

nodeunblocker.com

Evade internet censorship!
HTML
150
star
4

node-bestzip

Provides a `bestzip` command that uses the system `zip` if avaliable, and a Node.js implimentation otherwise.
JavaScript
80
star
5

spam-free-php-contact-form

Simple, human-friendly contact form (no captchas). Uses JavaScript and hidden fields to thwart spammers.
HTML
70
star
6

Coin-Allocator

Bitcoin/Altcoin/USD trading bot. Was moderately profitable, until the exchange got hacked. No longer under active development.
JavaScript
49
star
7

DuckDuckGo-GoogleSuggest

Node JS server that proxies google suggest queries for the Duck Duck Go search box, and adds the !'s back on when google removes them.
HTML
40
star
8

facebook-js-sdk

Facebook's debug.js (what gets minified into sdk.js), updated every 10 minutes
JavaScript
39
star
9

approximate-number

Converts numbers into a more human-friendly format. E.g. 123456 becomes 123k. Similar to `ls -lh` or Stack Overflow's reputation numbers.
JavaScript
37
star
10

get-user-media-promise

Basic wrapper for navigator.mediaDevices.getUserMedia with automatic fallback to navigator.getUserMedia
JavaScript
22
star
11

node-pagerank

Node.js library for looking up the Google PageRank of a given site. No longer functional.
JavaScript
17
star
12

miyoo-toolchain

Dockerfile to build an image with the toolchain and other dependencies to compile software the Miyoo Custom Firmware (CFW)
Dockerfile
12
star
13

nodemcu-weather-station

Displays current weather conditions inside and out
Lua
12
star
14

nfriedly.com

My personal website. Contact info, portfolio, links, etc.
JavaScript
12
star
15

couchdb-backup-restore

Node.js library for simple backup and restore of CouchDB databases
JavaScript
12
star
16

node-gatling

A simple node.js script that turns a single-threaded server into a multi-threaded server with automatic restarting.
JavaScript
8
star
17

contentful-dictate

A UI Extension for Contentful that uses IBM Watson Speech to Text to enable voice dictation.
JavaScript
7
star
18

node-dreamhost-dns-updater

A quick script I build to set a given hostname to my current IP via Dreamhost's API
JavaScript
5
star
19

dog-food

Gadget that answers the question of "Did anyone feed the dog yet?"
Python
4
star
20

node-whats-my-ip

Simple text-based service to find your public IP. Can be run for free on heroku (and likely other similar services)
HTML
4
star
21

docpad-plugin-cloudant

Cloudant importer for DocPad (Cloudant is a hosted couchdb service)
CoffeeScript
3
star
22

docpad-plugin-mongodb

MongoDB importer for DocPad
CoffeeScript
3
star
23

gps.bb.tracking

Blackberry GPS tracker similar to google's android one.
Java
3
star
24

prefix-stream

Prepend each chunk in a node.js text stream with the given prefix
JavaScript
3
star
25

aplexa

Web App that shows what song the Plex skill for Alexa is currently playing
JavaScript
2
star
26

Meteor-ODB-II

A quick ODB-II (vehicle diagnostic code) search website built with Meteor
JavaScript
2
star
27

running-average

Memory-efficient module that tracks the average value of an unlimited quantity of numbers
JavaScript
2
star
28

vzw-bot

Bot that automatically logs into My Verizon, reports data usage, and can spend "smart rewards" points on avaliable sweepstakes.
JavaScript
2
star
29

space-jump

A cross between Lunar Lander and Doodle Jump
JavaScript
2
star
30

dreamhost

DreamHost API client for Node.js and Browsers
JavaScript
2
star
31

hn-avatars

UserScript to generate avatars next to usernames on Hacker News
JavaScript
2
star
32

docpad-plugin-redirector

DocPad plugin for redirecting URLs to other websites via configuration.
CoffeeScript
2
star
33

Stripe-CTF-2014-level2

Dynamic ingress filter to fight off a DDOS while allowing legitimate traffic through
JavaScript
1
star
34

eleventy-plugin-less

Plugin for eleventy (11ty) to convert Less stylesheets to CSS
JavaScript
1
star
35

wdc-deep-dive

Code from my Technical Deep Dive presentation on the IBM Watson Developer Cloud Node.js SDK
JavaScript
1
star
36

MacAdSense

An updated version of Kai 'Oswald' Seidler's MacAdSense dashboard widget
1
star
37

sweetspot

"Sweeps Bot" - Bot to help you remember & enter sweepstakes
JavaScript
1
star
38

aoc-2022-02

Advent of Code 2022 - Day 2
Rust
1
star
39

rss-xslt

A tool I built in college to add a custom XSLT theme to an arbitrary RSS feed. Moving it here for safe keeping.
PHP
1
star
40

ua.nfriedly.com

Static User Agent parser, previously at whatsmyua.com
HTML
1
star
41

contributor-locations

List the locations of all contributors to a GitHub repo.
JavaScript
1
star
42

aoc-2022-1

Advent of Code 2022 - Day 1
Rust
1
star
43

oled-saver-watchface

Watchface for Wear OS that randomly moves the time around to avoid burn-in on OLED displays
Java
1
star
44

JS-Mini-Shell

A Super-lightweight interactive JavaScript shell that fits into a bookmarklet
CSS
1
star
45

picsync-server

Accepts uploaded photos and stores them privately, allowing you to later review them and post your favorites to Facebook. Written for node.js
CSS
1
star
46

BiblePeople

RoR based website with details on people and family lines in the Bible
Ruby
1
star
47

grunt-swf

Compiles .as files to .swf via the Apache Flex SDK (free but must be installed seperately)
JavaScript
1
star
48

Arduino-Fan-Controler

Controls a whole-house fan for energy-efficient home automation
Arduino
1
star
49

puck.js-media-control

Remote control to pause, resume, and rewind audiobooks playing from my phone
JavaScript
1
star
50

aoc-2022

Advent of Code 2022
Rust
1
star
51

web-shell

Interactive command prompt for locked down app servers (such as Bluemix). Highly insecure.
JavaScript
1
star
52

value-averaging

A website to help make the value averaging investment strategy easier.
JavaScript
1
star
53

socket.io-example

Just a quick demo I put together
JavaScript
1
star
54

aoc-2022-03

Advent of Code 2022 - Day 3
Rust
1
star
55

ypool-xpm-miner-watcher

A node.js script to watch ypool.net's PrimeCoin jhPrimeminer and restart it every time it crashes
JavaScript
1
star