Today I've noticed that I can load images from diferent domains (which doesn't have a crossdomain file) without getting a security sandbox violation error.
For example, when running the following application from my fileSystem I'm not receiving any error eventhough the domains don't have de crossdomain file (I also haven't trusted the file).
<mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="vertical">
<mx:Image source=" http://www.code4net.com/header/foto2.jpg" width="800" height="160"/>
<mx:Image source="http://us.i1.yimg.com/us.yimg.com/i/mntl/hlth/06q2/img_diet.jpg " width="800" height="160"/>
</mx:Application>
So is this a new feature on the player or is it a security hole?
I've been reading the document at www.adobe.com/devnet/flashplayer/ articles/flash_player_8_security.pdf and the most accurate thing I've found refering to images is: "A SWF file from a.com may read from the server at b.com (using the ActionScript XML.load() method, for example) if b.com has a cross-domain policy file that permits access from a.com (or from all domains)." So if the criteria for loading external images is the same as for .swf...
Any ideas?
Best
X.
__._,_.___
--
Flexcoders Mailing List
FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com
SPONSORED LINKS
| Web site design development | Computer software development | Software design and development |
| Macromedia flex | Software development best practice |
YAHOO! GROUPS LINKS
- Visit your group "flexcoders" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
__,_._,___
