Comments on: Flash Security is Stupid

By: Shubhra

Shubhra — Wed, 16 Apr 2008 09:35:33 +0000

hey guys, I’m another flex developer totally frustrated by the new down the gutter security model of Flash player. I can see that Dave was able to crack it by using the right crossdomain.xml. please please please share it!!!!!!!!!!!! I’m tired of getting endlessly frustrated

lots of advance thanks………

By: quinthar

quinthar — Tue, 15 Apr 2008 23:20:58 +0000

I think with enough pain and suffering I did eventually get the above instructions to work; what exactly are you trying to do?

Also, can you post a URL to your super-permissive crossdomain file? Somehow it got lost in translation.

By: Dave

Dave — Tue, 15 Apr 2008 21:14:11 +0000

Problem solved and man did it turn out to be simple!

Many Thanks to George Masters for the great set of eyes and assistance!

Here’s the content of the crossdomain.xml file you need for the most permissive access ever!

By: Dave

Dave — Tue, 15 Apr 2008 20:20:02 +0000

Have you come across the solution to this problem? I’ve been banging my head against this wall for three days now and unfortunately have had the same experience that you describe.

I don’t know how an organization that creates such rock solid solutions as PDF tools and superb image editors can survive with crap development environments and code that looks like same horse dung I worked with over ten years ago! It does explain, however, their retarded approach to security.

I really love the reference to using a XMLSocket server (which appears to be at least an initial requirement) and then no provision or recommendation as to which one to use.

Beautiful! Well Done! Major Kudos! Keep up the good work guys and you’ll beat out the big software giant one of these days!