If you click OK to accept the certificate then you're allowing it to do whatever it wants.
I believe ActievX also works this way ...
Doug Lowder <[EMAIL PROTECTED]> wrote:
There are some really good responses to This Post that explain the reasons behind crossdomain.xml.
--- In [email protected], dos dedos <[EMAIL PROTECTED]> wrote:
>
> thanks!
>
> bwt, does anyone know what is the security scenario that promoted the introduction of the crossdomain requirement? it would be educating to know
>
> Carson Hager [EMAIL PROTECTED] wrote: You will need a crossdomain file.
>
>
> Carson
> ____________________________________________
>
> Carson Hager
> Cynergy Systems, Inc.
> http://www.cynergysystems.com
>
> Email: [EMAIL PROTECTED]
> Office: 866-CYNERGY
> Mobile: 1.703.489.6466
>
>
>
>
> ---------------------------------
> From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of dos dedos
> Sent: Monday, March 27, 2006 2:26 PM
> To: [email protected]
> Subject: Re: [flexcoders] Re: Flex 2: about "potential" HTTPService timeout/security issues ...
>
>
>
> Thanks for this clarifiaction on the timeout. I think I'll have to implement timeout to end the HTTPService request if there is no data being exchanged for xx number of seconds.
>
> With respect to the potential security issue, I'd like to POST XML via HTTPService to a .cgi server running on a machine other than the one the Flex app is served from. Do I need to have a crossdomain.xml at either side? or am I free to interact with any server via HTTService?
>
> Thanks!
>
> dos
>
> Dave Wolf [EMAIL PROTECTED] wrote: The player is simply piggy backing on the HTTP stack of the browser.
> I think you will find in most cases the browser will detect the half
> dead socket when data is moving on the socket and generate an error
> HTTP status back. Things get a little harrier when you have an idle
> yet persistent connection.
>
> This gets even more tricky if you are running a cluster of servers to
> support high availability, etc.
>
> In any case, for what you are describing, I think you wont have to
> work on doing this yourself. It should be very easy to test.
>
>
> --
> Dave Wolf
> Cynergy Systems, Inc.
> Macromedia Flex Alliance Partner
> http://www.cynergysystems.com
>
> Email: [EMAIL PROTECTED]
> Office: 866-CYNERGY
>
> --- In [email protected], dos dedos dosdedosmiamigos@ wrote:
> >
> >
> > Relating to the potential timeout issue, I think most likely
> HTTPService doesn't timeout on its own....
> >
> > However, my Java application could crash and reboot so I would have
> to make sure HTTPService would time out if it's loses connection with
> the server... No idea how to do that yet ...
> >
> > Any clarifications would be greatly helpful!
> >
> > Thanks
> >
> > dos
> >
> >
> > ---------------------------------
> > New Yahoo! Messenger with Voice. Call regular phones from your PC
> and save big.
> >
>
>
>
>
>
>
>
> ---------------------------------
> Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2�/min or less.
>
> --
> Flexcoders Mailing List
> FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
> Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com
>
>
>
> ---------------------------------
> YAHOO! GROUPS LINKS
>
>
> Visit your group "flexcoders" on the web.
>
> To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
>
>
> ---------------------------------
>
>
>
>
>
> ---------------------------------
> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.
>
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.
--
Flexcoders Mailing List
FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com
YAHOO! GROUPS LINKS
- Visit your group "flexcoders" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
