BTW, AJAX follows the same security model. The difference? The Flash Player can get around it with permission from the server (the server has a crossdomain.xml on it).
AJAX can't. ----- Original Message ----- From: "Darron J. Schall" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, February 13, 2006 9:46 PM Subject: Re: [flexcoders] Benefits of Flash Security Model and crossdomain.xml Eric Raymond wrote: > My main question is who is this model intended to protect? > It's for security of LAN data when a user views a .swf from a remote website. See: http://www.martijndevisser.com/blog/article/why-crossdomainxml-is-a-good-thing No crossdomain on internal servers means the .swf running locally can't access them and send data to hacker.com. -d -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
