Be my fan on FacebookHow to sitelock a Flash movie
- March 10, 2008 by Emanuele Feronato
- Filed under Flash | 29 Comments
Sometimes you need to make your Flash movie (or game) to work only on selected domains. Sometimes you may want to blacklist some domains so they can’t display your Flash content.
This is called sitelocking, and means you lock a movie to a specific site.
Let’s see how can you sitelock a Flash file.
The first thing we need to know is where the movie is been played.
With the _url property we can determine the absolute path of a movie clip.
I will create a movie with a text field instanced as domain with this actionscript:
domain.text = _url;
This is the result:
Next we have to determine the domain name, so we need some string functions. First we need to strip all characters before :// (:// included).
Using the split method, I’ll split a the domain name into substrings by breaking it wherever :// is found, in this way:
domain_parts = _url.split("://");
domain.text = domain_parts[1];
Splitting the domain name by :// will create an array with its first element (at index 0) containing http (or https, or whatever I’ll find before the ://), and the second element with the remaining part of the domain. Look:
We are few steps away from having only the domain name.
In the same way as before, now I have to split the string when I find a /
1 2 3 | domain_parts = _url.split("://");
real_domain = domain_parts[1].split("/");
domain.text = real_domain[0]; |
Here it is:
Now, we are ready to sitelock the game. Just remember that some portals do not use their domain to host Flash games. For example, NewGrounds uses uploads.undergrounded.net while Kongregate uses chat.kongregate.com.
Anyway, the customer who will request to sitelock your Flash movie will tell you which domain you have to lock the game on.
Now, let’s think about what to do when the movie is played in a site you don’t want to be played. The easiest thing is making the root transparent so it will impossible for the surfer to use it.
1 2 3 4 5 6 7 8 9 | sitelock("www.emanueleferonato.com");
function sitelock(url_to_lock) {
domain_parts = _url.split("://");
real_domain = domain_parts[1].split("/");
domain.text = real_domain[0];
if (real_domain[0] != url_to_lock) {
_root._alpha = 0;
}
} |
This function will display the game only if played on my domain.
Now, the last interesting thing… how to sitelock to more than one site.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | urls_allowed = ["www.emanueleferonato.com", "www.triqui.com"];
sitelock(urls_allowed);
function sitelock(urls_allowed) {
lock = true;
domain_parts = _url.split("://");
real_domain = domain_parts[1].split("/");
domain.text = real_domain[0];
for (x in urls_allowed) {
if (urls_allowed[x] == real_domain[0]) {
lock = false;
}
}
if (lock) {
_root._alpha = 0;
}
} |
This one only allows movie to be played on this domain and on triqui.com
Hope you will find it useful
(23 votes, average: 4.83 out of 5)
Loading ...They can be easily customized to meet the unique requirements of your project.
29 Responses
Leave a Reply
TUTORIAL SERIES:
- Una guida completa al gioco del poker online e una selezione dei migliori casino online.
- casino online
- migliori casino online
- BlackJack online
- casinò online
YAY! first comment. anyway, sounds nice. Good Job!
thanks man, I was thinking about using something like this but in a different way, ie if my swf is not on kongregate, then show the mochiads leaderboard, otherwise use the kong API… :)
this will help me to work out the script I need
Salut!
Wonderful!
I’ve been looking for a better way to do this!
Works beautifully, thanks much!
Thanks Emanuele!
Thanks Emanuele, very helpful, I can finally sendmy game prototypes to http://www.flashgamelicense.com without fear !
Now all I require is a reply to my email or else I can’t get my game going properly. I’ll definately buy you a beer or two once the sponsorship pays through !
Sitelocking is useless if you don’t encrypt your game anyway
:o
dude, on the second to last actionscript box you put:
_root._alpha == 0;
instead of:
_root._alpha = 0;
great tut though, shall use on new game coming out
fixed. thank you.
Great! This goes to the SticKman’s magazine :D
First time I get to understand the split command.
Great tutorial as always.
Bad news, the _url property holds the url where the swf is hosted, not where it is embedded. You’re going to need a more complex solution in order to prevent people from hotlinking off your site. Of course this can be done on your actual server, but some sites that you do want your game on might not have such a fix. I’m not sure how to sitelock your game from being embedded onto someone elses site buy hosted on yours entirely within the flash.
Thats pretty much the problem here, it makes it so people cant copy the actual swf, but they can still embed it, so its pretty useless :(
nice tut tho, im sure lots of people found this helpfull in one way or another
nice tutorial thanks i will try it
It’s strange…the sitelock makes the preloader don’t work.
[...] Покажите вашу игрушку на девелоперÑком форуме или воÑпользуйтеÑÑŒ ÑервиÑом First Impression от FlashGameLicense, чтобы получить отзывы о вашей игрушке. Ðе забудьте Ñделать sitelock, чтобы предотвратить раÑпроÑтранение игрушки без вашего ведома. ЕÑли не знаете что такое sitelock игрушки, читайте здеÑÑŒ. [...]
[...] great tutorial teaching HOW to sitelock can be found here: How to sitelock a Flash movie Share and [...]
[...] 8) Submit your game to a developer forum or take a look at First Impression service by Flash Game License to get some quality reviews of your game. Remember to site-lock your game if you want to prevent it from being spread before you’re ready. If you don’t know how to site-lock a game, read How to sitelock a Flash movie. [...]
Would something like this work better than _url…?
var domain = this.root.loaderInfo.url.split(“/”)[2];
flash.external.ExternalInterface.call( “function get_url() { return window.location.toString(); }” )
what about this ?
ACTUALLY try this
browserurl = flash.external.ExternalInterface.call(“function(){return window.location.href}”).toString();
Hey there, if anyone needs an Actionscript 3 version of this tutorial, I’ve written one on my blog – http://notejot.com/2009/02/sitelocking-an-actionscript-3-flash-game/
[...] were were completely oblivious about how the flash game business works. We didn’t implement a sitelock, we didn’t implement Mochiads, we didn’t implement Mochibot, we didn’t even [...]
————————————
———-Emanuele Feronato———
————————————
You are Great!!!!!!!!!!!!!!!!!!!!!!
many thanks to you and others like you.
Netherlands
How can you be sure www or even http is always included?
I never type www when going to a website.
Wouldn’t it be better to drop the split and just check if the beginning is equal to “http://www.mydoamin.com/”?
Somebody could get around this by adding a query string with ?_url=http://www.gooddomain.com or something though when they embed the file. Is there some way to determine where the swf is actually embeded?
NewGrounds uses uploads.ungrounded.net, not uploads.undergrounded.net .
Hi there,
it’s really important to understand (what was already said) that the code in the post won’t prevent embedding the swf from an allowed host to ANY webpage. The “window.location” is the right idea there, BUT you have to use:
window.top.location
because window.top refers to the “most top” window, e.g. if your allowed domain is “allowed.com” and the evil domain “evil.com” just puts an iFrame on their site that contains the page from “allowed.com” with the game, window.location will say “allowed.com”, but window.top.location will reveal “evil.com”.
- Dennis
Step 1. Put a secret function within the flash that grabs their domain information and have it send to your database and a page that displays all thief sites.
Step 2. Put copyright / owner information pertaining to your game or movie where it cannot be overlooked by viewers.
Step 3. Put your flash on the web.
Step 4. Use the web info to report their site for theft of copyrighted materials to their domain host.
This may not work immediately if the host “doesn’t care”, but I’m sure with proper legalese and talk of “getting lawyers involved” they’ll pull the site and/or warn the client.
I contacted my own host (godaddy) on this issue and they conferred that they would pull the thief site until they remove the copyrighted materials.