[osflash] secure my application...
Jean-Philippe DELAVALLADE
jeanphide at orange.fr
Sat Nov 3 08:40:36 PDT 2007
It's perhaps a solution
but i prefer using a referer like in Flash Media Server
I don't find it in RED5
Le 3 nov. 07 à 16:23, Marcelo de Moraes Serpa a écrit :
> Hmm.. yep, haven't though about the domain restrictions of the
> player, it might work!
>
> @Paul: Afaik, it works like this: When the player downloads a SWF
> from a domain, it looks for a crossdomain.xml file that in turns
> contains rules on which other domains are allowed to play your SWF
> files you are serving through your domain. Please someone correct-me
> if I'm wrong.
>
> Cheers,
>
> Marcelo.
>
> On 11/3/07, Jean-Philippe DELAVALLADE <jeanphide at orange.fr> wrote:
> Thanks Paul :)
> Add a cross-domain policy, which prevents unauthorized domains from
> accessing your assets.
> but how ??
>
> Le 3 nov. 07 à 14:42, paul|LOWRES a écrit :
>
>> maybe a cross-domain policy is, what you are looing for?
>>
>> http://livedocs.adobe.com/flash/9.0/UsingFlash/help.html?content=WSd60f23110762d6b883b18f10cb1fe1af6-7b35.html
>>
>> cheers,
>> paul
>>
>>
>> Am 03.11.2007 um 14:01 schrieb Marcelo de Moraes Serpa:
>>
>>> Hello Jean,
>>>
>>> I'm also searching for a way to restrict my flash application in a
>>> domain. Actually I thought in serving the SWF through a script
>>> instead of letting the webserver serve it so that I could do this
>>> referrer check server-side (Using Ruby/Rails or PHP for example).
>>> Code to check the referrer in the SWF could work but someone could
>>> decompile your SWF and remove this check.
>>>
>>> If someone got some ideas regarding that, please share!
>>>
>>> Marcelo.
>>>
>>> On 10/26/07, Jean-Philippe DELAVALLADE < jeanphide at orange.fr> wrote:
>>> Hello,
>>>
>>> I would like to protect my application, do a referrer in fact
>>> I've tried this code but the server never run with that :
>>>
>>> public boolean appConnect(IConnection conn, Object[] params) {
>>> String pageUrl =
>>> (String)conn.getConnectParams().get( "pageUrl" );
>>> log.debug( "L'URL de la pages est : " +pageUrl);
>>> if(pageUrl != "http://mydomain"){
>>> return false;
>>> }
>>> Can you show me the way, in order to my appli just run under my
>>> domain ?
>>>
>>> Thanks guys
>>>
>>> JP
>>>
>>> _______________________________________________
>>> osflash mailing list
>>> osflash at osflash.org
>>> http://osflash.org/mailman/listinfo/osflash_osflash.org
>>>
>>>
>>> _______________________________________________
>>> osflash mailing list
>>> osflash at osflash.org
>>> http://osflash.org/mailman/listinfo/osflash_osflash.org
>>
>> _______________________________________________
>> osflash mailing list
>> osflash at osflash.org
>> http://osflash.org/mailman/listinfo/osflash_osflash.org
>
>
> _______________________________________________
> osflash mailing list
> osflash at osflash.org
> http://osflash.org/mailman/listinfo/osflash_osflash.org
>
>
> _______________________________________________
> osflash mailing list
> osflash at osflash.org
> http://osflash.org/mailman/listinfo/osflash_osflash.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://osflash.org/pipermail/osflash_osflash.org/attachments/20071103/db94ca3b/attachment.html
More information about the osflash
mailing list