If you do hang back with 3.3 _AND_ are using Flex Builder's automatically generated HTML wrapper, you should be aware that there was a bug discovered in the express-install template files that can expose you to a cross-site-scripting (XSS) attack. Adobe fixed this in 3.4, but with that revision, also introduced the nasty bug with HTTPService responders getting called twice.
If you are using the vanilla express-install templates to generate HTML for you, you might want to patch your 3.3 SDK while you wait for 3.5. Here's the relevant links: http://www.adobe.com/support/security/bulletins/apsb09-13.html http://kb2.adobe.com/cps/495/cpsid_49530.html Hope this helps, Jim Cheng EffectiveUI Jake Churchill wrote: > > > Thanks for the info. I was just upgrading to stay current, no particular > reason so I'll hang back on 3.3 for a while until 3.5 is released.
