> They then proceeded to tell me that they wouldn't enable the > servlet "because it affected all sites on the server". At > that point, I initiated getting a refund.
If they initially installed the web server connector to apply to all sites on the server, any changes to this (including enabling Flash Remoting) would presumably require them to uninstall and reinstall the connector. So, in that sense, it would affect all sites on the server. > My question is, has there been any published information > about the Flash Remoting servlet causing either security > and/or performance problems? > IMO, the web host was making an aribtrary decision based on > ignorance and fear. I've been doing Flash Remoting for about > 3 years now and I have yet to hear of any security exposure > (beyond that of failing to adequately secure a web service). Zwetan posted a link in response to this question on Flashcoders; apparently there are some potential security vulnerabilities such as being able to kill the underlying JVM! I wasn't aware of that, myself. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
