Generally I think it's a good idea to come up with unique (dynamic)
names for the local connections, but this requires sharing data
between the SWFs in some other way. In my case they are both part of
web pages served from the same source, so I can populate a parameter
that's passed to both that gives the unique LC name, and then they use
that. This solves the issue of having multiple copies running at
once.
As for the other issues, you might be able to come up with your own
authentication process to make sure it's the right 'george', but
otherwise I'm not sure how you'd fix 1 or 2.
-Andy
On 3/30/07, Michael Mudge <[EMAIL PROTECTED]> wrote:
I have a Flash 9 app (named "fred"), which loads a Flash 8 app
("george"), and I need these two apps to be able to communicate, in both
directions.
It seems that a LocalConnection is the typical answer to this, but I
have issues with security.
fred is loaded from a private domain (my own), and george runs from a
highly public domain (like putfile). Here are the problems:
I have a lot of control over fred, but the code in george needs to be
simple.
1. If fred makes a LocalConnection to listen to george (allowing his
domain), then any number of other apps, coencidentially loaded from
george's domain, can send crap to fred. -- Can I make fred verify that
it was george and not just some other schmuck SWF from george's site?
2. If another app on george's site makes a localconnection before george
gets loaded, it could trump george's ability to listen to commands from
fred.
3. If the fred+george app is loaded twice, the localconnections will
have already been in use, making them unable to make a connection in the
newly loaded copy.
...so, how can this be solved? Is there a way to make LocalConnection
(or some other type of connection) talk only within the same Flash
player? Is there a way to "know" what URL is sending data through the
LocalConnection?
- Kipp
_______________________________________________
Flashcoders@chattyfig.figleaf.com
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com
_______________________________________________
Flashcoders@chattyfig.figleaf.com
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com
