The URI the debugger uses has always been fixed, but now there is the option to use either fixed or dynamic URIs where the token required by the socket connection can either be fixed (at 0) or dynamic (randomly generated string). This provides the first level of security — users can only connect if they know the unique token.

In security.3ad, the keyword debuggerFixedURI can be followed by either true or false. When true, the token required is 0, which implies that the URI is fixed. When false, the token will be a randomly generated string.

If a user wishes to connect remotely to the Layout Developer instance running, they will need to know this dynamic token. Connecting to the socket without a token (for example, http://localhost:9002) when one is required will cause a dialog to pop up requesting the token:

The Layout Developer user will need to provide the token value to allow the remote user to connect. This can be found using the fDebugSocket.token property as application.debugSocket.token. Use an alert or something to find this value which can be entered into the dialog to allow a connection.

The majority of debug usage is done on the local machine, but as already mentioned, it is possible to connect to ALD via the open socket when it is running elsewhere on your network, assuming this is allowed by your firewalls and so on.

The next level of security is to disallow remote users to connect to Layout Developer via the socket. The debuggerRemote keyword in security.3ad can take either true or false. True allows remote connections, false disallows them. So, when false, any connections which are not on the same machine as the ALD instance will not be allowed.