I'd like to create a simple Flex application that can be distributed to any (i.e. untrusted) source that reads data from my web server using AMFPHP. I understand that this requires a crossdomain.xml file.

I'm trying to get my head around the security implications of open (i.e. allow all) crossdomain.xml files. Basically I understand that issues arise when there is an open crossdomain.xml file on a domain that uses cookie/session-based authentication, as the SWF can read/forge the cookie info that is sent in the HTTP header. This allows cross-site forgeries and other unintended consequences.

My main concern is with server security though. What are the implications as far as compromising the security of the server aside from cross-site forgeries? The Adobe article linked below suggests that crossdomain.xml files may allow access to other private servers on a network, which is obviously quite serious.

If I understand correctly, a lot of the risk can be mitigated by hosting the crossdomain.xml file on a separate sub-domain from the domain with the user authentication mechanism. Is this as straightforward as setting up an Apache virtual host for a sub-domain which hosts a simple PHP script/gateway that forwards/returns requests to the domain which contains the data source?

How have others got around this problem? Can you provide me with a brief explanation of your solution?

Cheers,
Darren.

If you don't understand what I mean by the security implications, these refs might help:

http://shiflett.org/blog/2006/sep/the-dangers-of-cross-domain-ajax-with-flash
http://renaun.com/blog/2006/12/13/167/
http://www.hardened-php.net/library/poking_new_holes_with_flash_crossdomain_policy_files.html
http://www.adobe.com/devnet/flashplayer/articles/cross_domain_policy.html
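
An added example, not part of the original post: a small auditor that grades a crossdomain.xml policy differently depending on whether the host serving it also uses cookie/session authentication, which is the distinction the question turns on. The two policy documents, the host name `apps.example.com` and the `host_uses_cookie_auth` flag are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample policies (not taken from the post).
OPEN_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>"""

SCOPED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only" />
  <allow-access-from domain="apps.example.com" secure="true" />
</cross-domain-policy>"""


def audit_policy(xml_text, host_uses_cookie_auth):
    """Return (severity, message) findings for one crossdomain.xml document.

    host_uses_cookie_auth is an assumption supplied by the caller: True when
    the host serving this policy also authenticates users by cookie/session.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return [("ERROR", "root element is not cross-domain-policy")]
    findings = []
    for rule in root.iter("allow-access-from"):
        domain = rule.get("domain", "")
        if domain == "*" and host_uses_cookie_auth:
            findings.append(("HIGH", "wildcard on a cookie-authenticated host: any "
                             "SWF can read responses fetched with a user's session"))
        elif domain == "*":
            findings.append(("INFO", "wildcard: every response on this host is "
                             "readable cross-domain; serve only public data here"))
        elif domain.startswith("*."):
            findings.append(("MEDIUM", f"{domain} trusts every host under that domain"))
        # secure defaults to true; false lets SWFs loaded over HTTP read HTTPS content.
        if rule.get("secure", "true").lower() == "false":
            findings.append(("MEDIUM", f"secure=false on rule for {domain}"))
    for rule in root.iter("allow-http-request-headers-from"):
        if rule.get("domain") == "*" and rule.get("headers") == "*":
            findings.append(("MEDIUM", "any origin may send arbitrary request headers"))
    return findings


if __name__ == "__main__":
    for name, policy, cookies in [("open+cookies", OPEN_POLICY, True),
                                  ("open, data-only host", OPEN_POLICY, False),
                                  ("scoped", SCOPED_POLICY, True)]:
        print(name, audit_policy(policy, cookies))
```
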

