Hi, > If import loaded, they need to add us to their crossdomain.xml, probably > both flex.a.o and > apacheflexbuilds.cloudapp.net:8080.
There's already a wildcard cross domain file for Flexicious [1] (but it may be malformed), but looks like Ardisia doesn't have one. [2]. > And if import loaded, then SWFLoader should have trustContent=true, but > probably only when loading third-party, just to be careful, and maybe have > its own whitelist of domains baked into the SWF. Which would mean we need to make a release every time we add a 3rd party example which is what we are trying to avoid in the first place. If (and I can't imagine this happening) we find that a 3rd party is doing something naughty we can just remove them from the 3rd party xml file until they fix the issue. Thanks, Justin 1. http://www.flexicious.com/crossdomain.xml 2. http://www.ardisialabs.com/crossdomain.xml
