Instead of serving your player directly via HTTP, you can use Python
as the URL to return the SWF binary in the response if access is
granted.

Sent from my mobile device

On Nov 6, 2007, at 5:39 PM, "Marcelo de Moraes Serpa" <[EMAIL PROTECTED]> wrote:

> Ruby on Rails, but I also use Django, Plone and Zope. So, basically
> Ruby and Python.
>
> On Nov 6, 2007 8:01 PM, Samuel Agesilas <[EMAIL PROTECTED]> wrote:
>> Marcelo,
>>
>> Ahh... ok. Cool! If I may ask another question that I neglected to
>> post and that is what kind of back end technology are you using?
>> Java, PHP, ASP.NET?
>>
>> Cheers,
>> Sam
>>
>>
>> On Nov 6, 2007, at 3:54 PM, Marcelo de Moraes Serpa wrote:
>>
>>> Hello Samuel,
>>>
>>>> If I may chime in this discussion.. what are you trying to protect?
>>>> The actual swf or access to services exposed in the swf?
>>>
>>> Yes, it wasn't clear. Actually I'm not really trying to protect the
>>> SWF but instead restrict the ways it can be served. Mine is an
>>> application somewhat like youtube but more restricted, so, I
>>> wouldn't want anyone to get the URL and play the videos anywhere
>>> (outside of the allowed domain).
>>>
>>> On Nov 6, 2007 4:41 PM, Samuel Agesilas <[EMAIL PROTECTED]> wrote:
>>>> Marcelo,
>>>>
>>>> If I may chime in this discussion.. what are you trying to protect?
>>>> The actual swf or access to services exposed in the swf?
>>>>
>>>> cheers,
>>>> Sam
>>>>
>>>>
>>>>
>>>> On Nov 4, 2007, at 6:42 PM, Jonathan Valliere wrote:
>>>>
>>>> Marcelo,
>>>>
>>>> As far as referrer checking, you're going to need to search Google or
>>>> get in touch with a Red5 developer ( put it on the Red5 mailing list ).
>>>>
>>>> Encryption:  You can load in SWF binary via ByteArray and
>>>> encryption can be done with ByteArray data ( that can be loaded
>>>> via .. Loader ?? ). Essentially you encrypt your SWF binary ( and
>>>> store it encrypted on the server ) and load it in over HTTPS and
>>>> decrypt it based on a public/private key based on a secondary
>>>> encryption mechanism located inside the first one and load into a
>>>> SWFLoader at runtime.  Run the entire application over HTTPS with
>>>> cache off and it should be pretty damn secure.
>>>>
>>>> http://en.wikipedia.org/wiki/Public-key_cryptography
>>>>
>>>> http://en.wikipedia.org/wiki/Encryption
>>>>
>>>> http://en.wikipedia.org/wiki/Topics_in_cryptography
>>>>
>>>> I bet there are a lot of good books on Cryptography.
>>>>
>>>> -Jon
>>>>
>>>>
>>>> On Nov 4, 2007, at 7:24 PM, Marcelo de Moraes Serpa wrote:
>>>> Hello Jonathan,
>>>>
>>>>> You could protect swfs over RTMP via Red5 to make sure of a correct
>>>>> referrer.
>>>>
>>>>
>>>>> You could also load in an encrypted SWF that contains a secondary
>>>>> encrypted Binary file that self-decrypts ( and runs ) and is
>>>>> responsible for referrer / self-authentication over HTTPS / RTMP.
>>>>
>>>>
>>>> Any examples or maybe pointers to articles that elaborate on these
>>>> techniques?
>>>>
>>>> Thanks,
>>>>
>>>> Marcelo.
>>>>
>>>>
>>>>
>>>> On 11/4/07, Jonathan Valliere <[EMAIL PROTECTED]> wrote:
>>>>>
>>>>> yeah but you can't protect against everything.  you can encrypt
>>>>> your swfs, decrypt them clientside but that could also ultimately be
>>>>> faked given enough time and data capture.
>>>>>
>>>>>
>>>>> You could protect swfs over RTMP via Red5 to make sure of a correct
>>>>> referrer.  You could also load in an encrypted SWF that contains a
>>>>> secondary encrypted Binary file that self-decrypts ( and runs ) and is
>>>>> responsible for referrer / self-authentication over HTTPS / RTMP.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Nov 4, 2007, at 12:23 PM, Marcelo de Moraes Serpa wrote:
>>>>>
>>>>>
>>>>>> Read the URL from the browser and see if the domain is valid.  I
>>>>>> forget how to get it normally but in Flex you get it this way
>>>>>>
>>>>>
>>>>> Yes, but one could possibly decompile the SWF and remove this code
>>>>> (since it is client side).
>>>>>
>>>>>
>>>>> On 11/4/07, Jonathan Valliere <[EMAIL PROTECTED] > wrote:
>>>>>>
>>>>>> Read the URL from the browser and see if the domain is valid.  I
>>>>>> forget how to get it normally but in Flex you get it this way
>>>>>>
>>>>>>
>>>>>> Application( Application.application ).url
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Nov 3, 2007, at 11:40 AM, Jean-Philippe DELAVALLADE wrote:
>>>>>>
>>>>>> It's perhaps a solution
>>>>>> but I prefer using a referer like in Flash Media Server
>>>>>> I don't find it in RED5
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 3 Nov. 07, at 16:23, Marcelo de Moraes Serpa wrote:
>>>>>>
>>>>>> Hmm.. yep, haven't thought about the domain restrictions of the
>>>>>> player, it might work!
>>>>>>
>>>>>> @Paul: Afaik, it works like this: When the player downloads a SWF
>>>>>> from a domain, it looks for a crossdomain.xml file that in turn
>>>>>> contains rules on which other domains are allowed to play your SWF
>>>>>> files you are serving through your domain. Please someone correct
>>>>>> me if I'm wrong.
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Marcelo.
>>>>>>
>>>>>>
>>>>>> On 11/3/07, Jean-Philippe DELAVALLADE <[EMAIL PROTECTED]> wrote:
>>>>>>>
>>>>>>> Thanks Paul :)
>>>>>>> Add a cross-domain policy, which prevents unauthorized domains
>>>>>>> from accessing your assets.
>>>>>>> but how ??
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 3 Nov. 07, at 14:42, paul|LOWRES wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> maybe a cross-domain policy is what you are looking for?
>>>>>>>
>>>>>>>
>>>>>>> http://livedocs.adobe.com/flash/9.0/UsingFlash/help.html?content=WSd60f23110762d6b883b18f10cb1fe1af6-7b35.html
>>>>>>>
>>>>>>>
>>>>>>> cheers,
>>>>>>> paul
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 03.11.2007, at 14:01, Marcelo de Moraes Serpa wrote:
>>>>>>>
>>>>>>> Hello Jean,
>>>>>>>
>>>>>>> I'm also searching for a way to restrict my flash application in a
>>>>>>> domain. Actually I thought of serving the SWF through a script
>>>>>>> instead of letting the webserver serve it so that I could do this
>>>>>>> referrer check server-side (Using Ruby/Rails or PHP for example).
>>>>>>> Code to check the referrer in the SWF could work but someone could
>>>>>>> decompile your SWF and remove this check.
>>>>>>>
>>>>>>> If someone got some ideas regarding that, please share!
>>>>>>>
>>>>>>> Marcelo.
>>>>>>>
>>>>>>>
>>>>>>> On 10/26/07, Jean-Philippe DELAVALLADE <[EMAIL PROTECTED]> wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>>
>>>>>>>> I would like to protect my application, do a referrer in fact
>>>>>>>> I've tried this code but the server never runs with that :
>>>>>>>>
>>>>>>>>
>>>>>>>> public boolean appConnect(IConnection conn, Object[] params) {
>>>>>>>>   String pageUrl = (String) conn.getConnectParams().get("pageUrl");
>>>>>>>>   log.debug("L'URL de la pages est : " + pageUrl);
>>>>>>>>   // Compare string contents with equals(); != only compares references
>>>>>>>>   if (!"http://mydomain".equals(pageUrl)) {
>>>>>>>>     return false;
>>>>>>>>   }
>>>>>>>>   return true;
>>>>>>>> }
>>>>>>>> Can you show me the way, in order for my app to just run under my
>>>>>>>> domain ?
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks guys
>>>>>>>>
>>>>>>>>
>>>>>>>> JP
>>>>>>>> _______________________________________________
>>>>>>>> osflash mailing list
>>>>>>>> [email protected]
>>>>>>>> http://osflash.org/mailman/listinfo/osflash_osflash.org

_______________________________________________
osflash mailing list
[email protected]
http://osflash.org/mailman/listinfo/osflash_osflash.org
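
Added example (not part of the original thread or of any poster's code): a minimal Python WSGI handler for the approach in the top message, returning the SWF bytes only when the Referer host exactly matches an allowlist. The host names and the stand-in SWF bytes are assumptions; because Referer is supplied by the client, this check only deters casual embedding on other sites.

```python
from urllib.parse import urlsplit

# Assumed allowlist and a constructed stand-in for the real player binary.
ALLOWED_HOSTS = {"mydomain.example", "www.mydomain.example"}
SWF_BYTES = b"FWS\x09" + b"\x00" * 16


def referrer_allowed(referer):
    """True only when the Referer's host exactly equals an allowed host."""
    if not referer:
        return False
    try:
        parts = urlsplit(referer)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return False
    if parts.scheme not in ("http", "https"):
        return False
    # Exact match on the parsed host: a substring or prefix test would also
    # accept hosts such as mydomain.example.evil.test.
    return host in ALLOWED_HOSTS


def app(environ, start_response):
    """WSGI entry point: send the SWF only if the referrer check passes."""
    if environ.get("REQUEST_METHOD") != "GET":
        start_response("405 Method Not Allowed", [("Allow", "GET")])
        return [b""]
    if not referrer_allowed(environ.get("HTTP_REFERER", "")):
        start_response("403 Forbidden", [("Content-Type", "text/plain")])
        return [b"forbidden\n"]
    start_response("200 OK", [
        ("Content-Type", "application/x-shockwave-flash"),
        ("Content-Length", str(len(SWF_BYTES))),
        ("Cache-Control", "no-store"),  # "cache off", as suggested in the thread
    ])
    return [SWF_BYTES]


def fetch(referer=None, method="GET"):
    """Call the app in-process and return (status, body) for inspection."""
    seen = {}
    environ = {"REQUEST_METHOD": method}
    if referer is not None:
        environ["HTTP_REFERER"] = referer
    body = b"".join(app(environ, lambda status, headers: seen.update(status=status)))
    return seen["status"], body
```
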
