Isn't the context for an AIR application different to a flash application
loaded from a browser?
In the browser the flash swf is loaded from a particular domain and access
outside that domain requires the crossdomain policy.
In an Air application there is no concept of the domain that the swf is
loaded from - it's essentially a desktop application.
Flash in Air and Flash in the browser have different security models.
Paul
----- Original Message -----
From: "Johan Nyberg" <[email protected]>
To: <[email protected]>
Sent: Thursday, April 02, 2009 9:29 AM
Subject: [Flashcoders] Proof of Concept - HTTPService object doesn't require
crossdomain-policy file
Hi, thanks for all the response to my question about the crossdomain.xml.
But... I didn't get a lot of response to the fact that HTTPService can
access public feeds/content on other sites without the need of a
crossdomain.xml
Please check out the code included at the end of this post. I've created a
small AIR application (with a certificate) and it works without a problem.
Am I missing something?
But again.. if my Flash app isn't allowed to access content on another
site, I can always throw together a simple php-script that extracts the
content for me that my Flash then can read...
And then I can go ahead and create my evil banner ad. ;-)
I understand that crossdomain policy files are here to stay. I just don't
understand why they don't allow me to access content on other domains that
I can access in other ways and then pass on to Flash.
--
Johan Nyberg
Web Guide Partner
Engelbrektsplan 1
114 34 Stockholm
08 - 50 00 24 30
070 - 407 83 00
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
