One SWF to rule them all : The Almighty PreloadSWF
*EDIT 2010-08-27*
this tool = @deprecated
the NEW (and way better) version can be found at: FlashPreloadProfiler
*END EDIT*
In my last article I introduced you to a bunch of features hidden in mm.cfg,
Many were very happy to see advanced tracing and logging features.
Many were happy to be able to see the byte code easily.
But everybody missed the most important feature!
The Almighty PreloadSWF
It’s all possible, and more!
How does it work
PreloadSWF is a feature mostly used by the Flex Profiler. When a profiling start, the Flex Profiler will write its own PreloadSWF entry in the mm.cfg file and launch its sampler SWF. When the sampler SWF is loader, it passes information about the profiled SWF to the profiler via socket connection.
Ok, but what is the relation between the sampler app and the profiled app? Both file are supposedly in separated domains and hence are not supposed to have direct communication one with the other. When the PreloadSWF starts, you have aboslutly no information conserning the other swf being loaded and you have nothing to hook on to get that access (for now).
First, you need the Flash Player debug version
You have to setup you mm.cfg file to point to a SWF.
Then ANY (as3) flash app you load will load your SWF first.
(By the way, when I say any… it’s really ANY! (Mode: debug OR release!)
And it’s also valid in any context: Stand alone Player, Browser, Bridge, ActiveX, anything.
At this point you can add stuff to your stage and actually see it in a public flash app on the internet.
But since there is no communication between the public SWF and your SWF, and your SWF is local to your computer, there is not much to do.
Here come the Magic: Another hidden feature of flash.
When the second flash app is loaded, there is an (undocumented) event triggered called “allComplete“. And the good thing about this event is that it has a valid target! And guess what target this is? The Main flash app! The only thing you have to do is add an event listener on “allComplete” and wait for it to be triggered!
Ok so what can be done with that?
Well, by having access to the Main stage, you can do anything you want! Add sprite, manipulate DisplayList…
You can also have the Flash params because since you got the stage, you also have:
Wow that’s awesome!
But let’s think about it: if I’m loaded first, and I have access to the stage, then what restrain me from calling an external profiler like DeMonsterDebugger?
Again, no restriction here!
Just add the MonsterDebugger classes to you SWF, and run your favorite video from a live website; you can now edit all the interfaces and controlof that flash instance right away!
Using that you can also call public function with parameters inside MonsterDebugger.
But what more could be done…
Class merging? Wrong… you can’t because securityDomains won’t let you.
And what would happen if you take the loaderInfo.bytes, and do a
loader.loadBytes(bytes, Application.currentDomain);
Well that is working, you can now override classes! (But it’s kind of useless since after that your URL won’t be the same and most transactions will be refused after that.
Still it’s a nice trick 
If you’re interested in fake SWF loading with class merge, read my advanced flash player security walkthrough!
Don’t forget that once you modified the mm.cfg file to run your SWF, all flash will run your code, so make sure it’s lightweight!
Example
I made a simple app to show statistic on the currently played flash app.
The objective was to have all the most important information while still keep the smallest interfaces possible.
The profiling information I showed are:
FPS (Frame per Second) with a graph
Current Memory and Max Memory with a graph
Connectivity with MonsterDebugger (The Icon is in color when the connection is established)
The memory graph reflect changes over time.
The app also add a contextMenu item “Show Profiler” which toggle on/off the profiler visibility
open your mm.cfg and set PreloadSWF=c:\MicroProfiler.swf
Enjoy the (profiled) web!
SVN Source Code
Direct View Source
bin/MicroProfiler.swf
Request
The app I made is very experimental and the code is very messy. If someone wants to add feature or make it better please do! Just send it back to me so that I can update it here. Thanks!
Conclusion
I hope that this feature will be used more for “good” reason than for bad ones.
I know that it enables people to manipulate live data and that it can be very tricky, but I really think that better and bigger tools will comes out of all the hidden features I released yet.
I also think that releasing all these information is good for ActionScript because it encourage senior programmer from many other languages to look at as3 and flash in a different way.
Link to my new twitter: @jpauclair
*Edit*
I entered a bug in the Adobe bug base to fix this issue. (But since it’s under Security, no one can see it)
The way I see it: The could block all PreloadSWF action when the loaded SWF is in release mode.
Also, if you want to prevent being targeted by this, follow good coding practice:
If something does not NEED to be public, set it to protected or private. (won’t be seen in MonsterDebugger)
Do not read data like Sprite.x, Sprite.y, just write to them. All manipulation should be done in a background DataStructure.
*End edit*
References
De MonsterDebugger
DisplayLoader
Sampler Package
Hi,
Nice work!
I’ve been trying to get this to run but no joy so far. I downloaded DeMonsterDebugger and your source files and compiled a version which shows up as normal (fps, memory etc).
I’ve added a line to my mm.cfg file with the path to the preloader swf.
So far i’ve tried:
* youtube: No debug bar, but i get some more context links on right-click (copy embed html, show video info, copy debug info)
* the flash on my own site: no change
* a full flash website: no change (though on that site, a context menu is used to hide all the non essential links)
* a project with a preloader (built from flashdevelop and adding a “-frame start Main” line to the precompile options): SWF opens and closes immediately
* a project with no preloader: crashes immediately
Am I perhaps missing something?
Thanks
damian
February 18, 2010 at 6:15 am
you need flash (debug version)
youtube is not all as3, there is many avm1 movie.
jpauclair
February 18, 2010 at 7:33 am
yep,
The last 2 points (project with and without preloader) are running from FlashDevelop using the debug player.
Is there a particular site or swf that you test this on?
thanks
damian
February 18, 2010 at 8:22 am
I’m in the same boat. Using FP 10.1 debug viewing AS3 movies, and I don’t see the toolbar. Anyone else have suggestions?
Chris Deely
February 18, 2010 at 11:01 am
Make sure MicroProfiler.swf is located inside a secure location. You will most likely need to change your Flash Player’s global security settings:
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.html
After altering it you might need to restart your browser. I was kinda curious so I tested this in the debug FP standalone, IE 8, FF 3.5, Chrome 4, Safari 4.0 and Opera 10.5 ^^. The toolbar works fine anywhere
Thanks Jean Phillipe, you rock!
Fernando França
February 18, 2010 at 8:03 pm
Took me a few to figure out how to get it set up as well, but just as a help to anyone else, running the standalone debugger from the command line can help you figure out what’s wrong.
In my case: “PreloadSwf paths must be local trusted: /opt/MicroProfiler.swf”
So I just added it to the trusted programs list in the settings page Fernando França linked and it worked. :]
Thanks for the interesting info and test prog jpauclair!
Wa
March 23, 2010 at 4:20 am
Are you able to run flex Profiler?
Are you sure you have the Flash Player Debug running?
jpauclair
April 22, 2010 at 11:56 am
Awesome work ! I was wondering where you get the Flash undocumented features giving that they are… not documented ?
sroucheray
February 18, 2010 at 6:29 am
Trial and error
btw, good post JP.
Jean-Philippe Doiron
February 18, 2010 at 7:10 am
Nice !
But maybe another undoc feature that will remove in the next player release…
Eric Priou
February 18, 2010 at 7:19 am
If they remove it, we lose flex profiler.
jpauclair
February 18, 2010 at 7:34 am
Go JP! Go JP!
Jérémie Charest
February 18, 2010 at 9:16 am
[...] One SWF to rule them all : The Almighty PreloadSWF « jpauclair Hidden features in pre-loading SWF files, secret events and more secret sauce (tags: debugging debug as3) [...]
links for 2010-02-18 – Confessions of an Flash Addict
February 18, 2010 at 9:02 pm
Very interesting, thanks JP !!
Thierry
February 22, 2010 at 11:28 am
[...] One SWF to rule them all : The Almighty PreloadSWF [...]
Weekly Shared Items – 23. February, 2010 | TOXIN LABS - weblog of a german design student from wuerzburg
February 23, 2010 at 1:04 am
Just came across your blog for the first time , have read several posts and am super impressed with everything, I take my hat off to all super programmers eg Joa , Andre and yourself etc.. that unravel inner workings of flash player and push the boundaries contributing to better more functional and optimized further development of the player.
Thanks
ian pretorius
February 25, 2010 at 5:11 pm
Wow.. Well thanks to you!
Being put in the same category of thoses guys really make me proud of what I’ve done here!!
jpauclair
February 25, 2010 at 6:48 pm
I tried it, but no luck so far. I have debug version of flash player, modified mm.cfg file, modified flash player security settings, still not able to see the profiler bar.
Thanks
Suman
March 23, 2010 at 2:10 am
I see this error in log file “PreloadSwf paths must be local trusted:”
Thanks in advance
Suman
March 23, 2010 at 5:45 am
Thanks for providing this information but it did not work for me. I have added full swf path to settings at
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.html
Still no luck.
Thanks
Suman
Suman
March 23, 2010 at 7:17 am
[...] This one is just crazy powerful: See: One SWF to rule them all! [...]
AS3 hidden treasure in the mm.cfg file. Revealing and documenting many Flash secrets! « jpauclair
April 11, 2010 at 9:09 pm
Wow.. awesome post!
I just have one small problem. At first there was the “PreloadSwf paths must be local trusted”. Ok, so I added the exception to the settings. But now I’m getting this error instead:
Warning: Not a known player download type, file:///G|/projects/flashlogs/MicroProfiler.swf
Has anyone run into this problem?
Another observation: The error “PreloadSwf paths must be local trusted” uses “paths”. I’m not sure whether this is a typo, or whether that means there may be multiple PreloadSwfs that you could load…
then you can create multiple layers of PreloadSwfs, and then create various scripts to create a mm.cfg file before compilation that loads in the correct layers of PreloadSwfs that you want to have. This could be very powerful.
jonathanasdf
April 15, 2010 at 1:04 am
Im getting the same issue in my flashlog.txt
Warning: Not a known player download type, file:///D|/Dropbox/Settings/MicroProfiler.swf
FP 10,0,45,2 Windows 7
I have added D:\ and D:\Dropbox\Settings\MicroProfiler.swf to the trusted security…
Mike
Mike
April 20, 2010 at 7:40 am
+1 to Mike , having the same problem here as well with the same version of FP 10.0.45.2 windows xp.
anupam
April 22, 2010 at 6:22 am
Yoz has written a small procedure that you could try.
http://blog.yoz.sk/2010/04/the-ultimate-debugging-and-profiling/
There is also the fact that PreloadSWF is very hazardous and may just not show for any reasons..
When it happen for me, I just close every browser window, any flash instance, and start over with only one flash target.
Tell me if you find any other solution!
jpauclair
April 22, 2010 at 8:08 am
Nope, still getting the same error, after closing everything. Tried restarting the computer still nothing.
Not tried rolling my own SWF yet, tho I cant think why that would work.
Mike
Mike
April 22, 2010 at 8:25 am
I’ll try creating my own swf tonight when I get home, but like Mike said I don’t believe that it would make a difference… Could the preloadSWF thing have been patched in the newest FP? I noticed the thing in common between the 3 of us is that we use 10,0,45,2…
jonathanasdf
April 22, 2010 at 11:06 am
[...] project but It won’t be very generic and it would be hard to manage. Instead I added it to my MicroProfiler using the PreloadSWF trick. This way it can also be use on ANY as3 project (debug or not) on the whole [...]
New Flash Visual Profiler « jpauclair
April 20, 2010 at 9:50 pm
Great post!! Thanks for all the information.
I am able to make AS3 project as preload swf. I am curious if we can use Flex project as preload swf?
Suman
April 22, 2010 at 2:46 am
[...] I came across interesting articles from jpauclair. The first one is about Almighty PreloadSWF (mm.cfg attribute to define preloader for any as3 .swf file) and the second about his new Flash [...]
The Ultimate Debugging And Profiling at Jozef Chúťka's blog
April 22, 2010 at 5:13 am
[...] One SWF to rule them all : The Almighty PreloadSWF [...]
jpauclair.net: 6 Months – Articles recap. « jpauclair
May 24, 2010 at 3:01 pm
For everyone with “Warning: Not a known player download type” error, simply recompile from source.
Or try this version http://www.failsafegames.com/MicroProfiler.swf
Failsafe Games
July 14, 2010 at 4:35 pm
Thanx JP for great profiler!
I’ve got a question although – maybe I’m missing something: is it possible to user Your or similar tool to debug AS2 SWF’s?
Tomasz Lisiewicz
August 27, 2010 at 4:48 am
Sadly, it’s not.
The tool use a AS3 only event “allCompleteEvent”.
you COULD launch a SWF before an AS2swf.. but you would never receive the magical event, hence not being able to bind to the interface.
what you could do is a “trace”, “localconnection”, or socket connect profiler. But there is not much data that could be retreived by this.
You should take a look at the new version of the tool:
http://jpauclair.net/flashpreloadprofiler/
I’m also releasing a new version soon. With a LOT more stuff for profiling.
jpauclair
August 27, 2010 at 7:50 am