The idea is the server (our web server) process the request to
non-crossdomain.xml
serverand return back the result to flex.In basic Flex ---> OurWebserver Page
------> non-crossdomain.xml
server ---->OurWebserver Page Result ----->FlexI implement this to get rss
feed from non-crossdomain.xml
serverI use PHP on server side and it works.
To: [EMAIL PROTECTED]: [EMAIL PROTECTED]: Wed, 14 Mar 2007 08:16:46
+0000Subject: RE: [flexcoders] Re: Security error accessing url
I'm New to all this, so your suggesting that all the flex
swf's are routed through a proxy (proxy.xml),
and that xml doc just contains yout proxy settings (ip,
ports etc). Thats called in your mx: application?
Shaun
From: [email protected]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul
DeCourseySent: 14 March 2007 02:39To:
[EMAIL PROTECTED]: [flexcoders] Re: Security error
accessing url
Proxy is your solution. counterfeiting a corssdomain file isinadvisable
difficult and probably impossible to do on a large scaledeployment. The only
ways I can think do it would require great effortand would need other
software to be installed on the client machine topull it off. Plus that kind
of hackery just isn't cool. Also I'm notsure anyone is really against the
proxy solution, it would just befaster to go direct to the
source.Another idea if you don't want or can't do the proxy server, you
couldbe bold and do an ajax proxy. I'm not sure how much data can be
passedvia the External Interface, but you certainly could pass xml back
andforth that way. Given enough motivation I could come up with aworking
example.p--- In [email protected],
"André Rodrigues Pena"<[EMAIL PROTECTED]> wrote:>> If
people are against the proxy application.. what's the
bettersolution?> (since I can't see how can I counterfeit a
crossdomain file in aexternal> and not-accessible server)>
> On 3/12/07, Troy Gilbert <[EMAIL PROTECTED]> wrote:>
>> > Ahh, yes, but if all of your clients go through your
proxyserver then> > on to the eventual non-crossdomain.xml
server, then that serveradmin sees> > that there are a huge amount
of requests originating from yourproxy server> > and he can
throttle it as appropriate. If the requests comedirectly from> >
the clients, then he has potentially thousands of different pointsof
entry> > to throttle.> >> > But I do agree with
your point... in general, I'd like to seeFlash *at a> > minimum*
have all of the read-only access that the web browser has. It> >
infuriating when some AJAX code can access stuff more easily
thanFlash...> > that just *feels* backwards to me, and I think it
ultimately hurtsFlash's> > use for some cases.>
>> > Troy.> >> >> > On 3/12/07, Paul
DeCoursey <[EMAIL PROTECTED]> wrote:> > >> > > --- In
[email protected]
<flexcoders%40yahoogroups.com>,> > > "Alex Harui"
<aharui@> wrote:> > > >> > > > It doesn't
provide any benefit to you, it provides benefit to the> > >
server> > > > owner. Once all of your clients are hammering your
server toget to> > > the> > > > proxy to the
remote-server, then you have the first chokepoint for> > > >
traffic instead of the remote-server owner who may or may not have> >
> > intended to allow that much extra traffic.> > >
>> > >> > > I understand the thinking, but if I can
easily create a proxy around> > > the crossdomain file then they've
lost that avenue. It's easier to> > > throttle access using
firewalls or acls, which they will end uphaving> > > to do
anyway.> > >> > > >> > > >>
> > > The security rules are also intended to make sure we
don'tbecome the> > > > ultimate spyware and virus
development platform. If we did,everyone> > > > would be
afraid to download the player and/or run theseapplications.> >
> >> > > >> > > >> > > >
If you can find a way to spoof the crossdomain.xml from a remote>
> > server,> > > > please let us know.> > >
>> > >> > > I don't think I'll put any effort to
finding out how to do itsince I> > > don't ever plan on using
crossdomain files since I already have a> > > working proxy
solution.> > >> > > >> > >
>> > > > -Alex> > > >> > >
>> > > >> > >> > >> >
> >> > > > -- > André Rodrigues
Pena> > LOCUS> www.locus.com.br> >
Blog> www.techbreak.org>
_________________________________________________________________
Explore the seven wonders of the world
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
