Re: FLASH: Flash Functionality Verification

[John Andrew Morrison]

Hi Matt,


Thank you for taking the time to add your input to this issue. I am

still confused as to how information can be gathered in this way.

Is there another way to gather infromation from a server besides

standard key=value&key1=value strings that I am missing? If so

would you point me to the technote describing this. I like to have

as many options at my fingertips as possible. If you would like to

take this discussion off list you can mail me at:

johnflashj-andrew [dot] com

.


Thanks,

John


Matt Wobensmith wrote:


> Hi John,

>

> You wrote:

>

> >I  would appreciate verification, or better yet refudiation, that Flash

> >does not allow the loading of variables from Domains other than

> >the one servicng the movie.

>

> Indeed, this change was made to prevent potential abuse.

>

> If a Flash movie is allowed to access data from any domain, a malicious

> author could make a movie that targets an internal server behind a firewall,

> and potentially send that data back to any remote location they wish. That

> would be bad.

>

> With the suggested server script, this means the script runs on YOUR domain.

> Much safer.

>

> Our TechNote on this is here:

>

> Load Variables from a data source on another domain is not working

> #14123

> http://www.macromedia.com/support/flash/ts/documents/loadvars_security.htm

>

> I understand people's points about the convenience of executing server

> scripts from anywhere, but this also leaves the door open to abuse. There

> are lots of companies and institutions that use Flash because it is safe.

> Allowing this potential abuse would certainly sour a lot of people on the

> Flash Player and its security. As it is now, it's very safe.

>

> Matt

>

> ---------------

> Matt Wobensmith

> Macromedia

>

> flasher is generously supported by...

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>      flashforward2000 and the Flash(tm) Film Festival

>  July 24-26, 2000, NEW YORK CITY, Hammerstein Ballroom

>                   www.flashforward2000.com

>    Produced by United Digital Artists and lynda.com

>  Sponsored by Macromedia, Adobe Systems, Fusion, Inc, AtomFilms,

>            shockwave.com and Electric Rain.

>  1.877.4.FLASH.4  or (1.805.640.6679 outside the US and Canada)

>  Register before June 30 and save $200!!-- www.flashforward2000.com

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

> To unsubscribe or change your list settings go to

>

http://www.chinwag.com/flasher or email helpchinwag [dot] com

flasher is generously supported by...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     flashforward2000 and the Flash(tm) Film Festival

 July 24-26, 2000, NEW YORK CITY, Hammerstein Ballroom

                  www.flashforward2000.com

   Produced by United Digital Artists and lynda.com

 Sponsored by Macromedia, Adobe Systems, Fusion, Inc, AtomFilms,

           shockwave.com and Electric Rain.

 1.877.4.FLASH.4  or (1.805.640.6679 outside the US and Canada)

 Register before June 30 and save $200!!-- www.flashforward2000.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To unsubscribe or change your list settings go to

http://www.chinwag.com/flasher or email

helpchinwag [dot] com