If people are against the proxy application.. what's the better solution? (since I can't see how can I counterfeit a crossdomain file in a external and not-accessible server)
On 3/12/07, Troy Gilbert <[EMAIL PROTECTED]> wrote:
Ahh, yes, but if all of your clients go through your proxy server then on to the eventual non-crossdomain.xml server, then that server admin sees that there are a huge amount of requests originating from your proxy server and he can throttle it as appropriate. If the requests come directly from the clients, then he has potentially thousands of different points of entry to throttle. But I do agree with your point... in general, I'd like to see Flash *at a minimum* have all of the read-only access that the web browser has. It infuriating when some AJAX code can access stuff more easily than Flash... that just *feels* backwards to me, and I think it ultimately hurts Flash's use for some cases. Troy. On 3/12/07, Paul DeCoursey <[EMAIL PROTECTED]> wrote: > > --- In flexcoders@yahoogroups.com <flexcoders%40yahoogroups.com>, > "Alex Harui" <[EMAIL PROTECTED]> wrote: > > > > It doesn't provide any benefit to you, it provides benefit to the > server > > owner. Once all of your clients are hammering your server to get to > the > > proxy to the remote-server, then you have the first chokepoint for > > traffic instead of the remote-server owner who may or may not have > > intended to allow that much extra traffic. > > > > I understand the thinking, but if I can easily create a proxy around > the crossdomain file then they've lost that avenue. It's easier to > throttle access using firewalls or acls, which they will end up having > to do anyway. > > > > > > > The security rules are also intended to make sure we don't become the > > ultimate spyware and virus development platform. If we did, everyone > > would be afraid to download the player and/or run these applications. > > > > > > > > If you can find a way to spoof the crossdomain.xml from a remote > server, > > please let us know. > > > > I don't think I'll put any effort to finding out how to do it since I > don't ever plan on using crossdomain files since I already have a > working proxy solution. > > > > > > > -Alex > > > > > > > >
-- André Rodrigues Pena LOCUS www.locus.com.br Blog www.techbreak.org
