Clark,
That's because www.fred.com need not point to the same server as fred.com.
At all. They can be routed to totally different machines.
Cheers,
Ian
On 1/27/06, clark slater <[EMAIL PROTECTED]> wrote:
>
> There's obviously no question about the value of the security sandbox and
> the cross
There's obviously no question about the value of the security sandbox and
the crossdomain policy control. The issue for me is that 'www.' should not
be considered a subdomain. This is inexcusable and will catch out a lot of
people, particularly given the dreadful documentation.
Clark
On 1/27/06,
I don't see upside. It just sucks.
The upside is that it keeps people from stealing your Flash content. It
lets you explicitly state who is allowed to consume your Flash content,
which is a good thing as long as there is an easy way to allow more access,
which there is. Look up "crossdomai
nmentor.com vs http://animationmentor.com
>
> I am looking for an ActionScript GURU. Any takers? If so email me
> [EMAIL PROTECTED]
>
>
>
>
>
> -Original Message-
> From: Rich Rodecker [mailto:[EMAIL PROTECTED]
> Sent: Thursday, January 26, 2006 1:59 PM
EMAIL PROTECTED]
Sent: Thursday, January 26, 2006 1:59 PM
To: Flashcoders mailing list
Subject: Re: [Flashcoders] Gotcha: F8 Security Model
i believe thats been around since flash 7...can't load data from
different
subdomains. I wish they could have excluded www. from counting as a
differetn
It's very easy for legitimate sites to get around this limitation by using a
crossdomain.xml file. That lets you set up more complex rules (such as only
allowing www subdomains or just *.yourdomain.com and *.yourotherdomain.com)
to make your sandbox even bigger. You don't even have to modify the
i believe thats been around since flash 7...can't load data from different
subdomains. I wish they could have excluded www. from counting as a
differetn subdomain, but this is one case where i really dont mind the extra
security, it's kind of needed if flash is going to be taken seriously by the
c
possible security upside:
hacker.freedns.com can't make calls to randomguy.freedns.com ? (where
freedns.com is a site that lets users buy / get free subdomains)
-David R
On 1/26/06, clark slater <[EMAIL PROTECTED]> wrote:
>
> I was totally *disgusted* to find out that our site was failing to mak
I was totally *disgusted* to find out that our site was failing to make
remoting calls when loaded via http://bayinteractive.com instead of
http://www.bayinteractive.com
Sure enough FP8 security sandbox at work, because the remoting calls were
using an absolute path to the gateway instead of a rel
9 matches
Mail list logo