如简单的尝试ExternalInterface.call('alert', {d:'\\'}),就会导致js出错,
有人专门做了个尝试
http://mihai.bazon.net/blog/externalinterface-is-unreliable
"ExternalInterface is unreliable"
简单的解决方案是使用下面的方式互相转换,之前我使用过escape与unescape
The solution
Beware, this is very ugly. :-) The solution is to take the problem in our own hands and therefore encode dangerous characters ourselves, before sending them to JS. I determined the following characters to be problematic: backslash (\), quote (") and ampersand (&). Here's my method of dealing with it:
data = data.split("%").join("%25")
.split("\\").join("%5c")
.split("\"").join("%22")
.split("&").join("%26");
// safe to send data now
ExternalInterface.call("alert", data);
So I chosen to encode special chars using the “%XX” notation. I'm encoding “%” first, so we can safely use it for other characters. Then backslash, then quotes, then ampersand.
Note how complex it has to be because Flash (8 at least) doesn't support RegExp-s, nor does it have a string.replace function.
On the JS side, when I receive data I'm doing the reverse transformation:
data = data.replace(/%22/g, "\"")
.replace(/%5c/g, "\\")
.replace(/%26/g, "&")
.replace(/%25/g, "%");
A different solution I found on some sites was to use escape() in ActionScript, and unescape() in JavaScript. This should be theoretically faster since it's one function call (and there's a good chance that this function is implemented in low level C); however, Unicode characters get mangled in translation (curiously, this is a documented bug).