ActionScript 2.0 :: Security - Secure Information Transferred Between The Flash Player And The Website?
Jun 5, 2008How would one secure information transfered between the flash player and the website?
View 1 RepliesHow would one secure information transfered between the flash player and the website?
View 1 RepliesAlright so I'm making a website for my friends band, and they want to have a music player to play their MP3's. One of the things I'm concerned about though, is the security of the MP3 files. Their albums are on iTunes to buy, so I'm looking for what the best option to have the MP3s be played but not be able to be downloaded and saved.The best thing I can think of is embedding the MP3's inside a Flash music player, but that would be more work than it's worth it seems.
View 2 RepliesI'm working on a site which allows people to pay to stream videos online. I'm currently using JW Player to stream FLV/F4V files from Amazon S3, using a signature.This method is extremely unstable, and needless to say, useless. I've heard I can use Amazon CloudFront as a CDN for my videos. But that it won't make the files any more secure, if I've understood it correctly.Price is an important thing. I know hosting/streaming video is expensive, but what are my best options, for a cheap, reliable, and as-safe-you-can solution for me? I have very little hosting experience,
View 2 RepliesI have an application running on flex and php, connected using amfphp, i added a secure channel to services.conf of amfphp [code]how do i know if flex is actually using this secure channel? i tried [code]from the php side and they are both false ... but if i remove these checks it works fine, I'm using wamp, with mod_ssl, and working from localhost
View 2 RepliesI'm trying to build a secure login area on a Flash-AS3 website. I've managed to create the login form and pass data to a PHP script which checks them.
1) I know that in PHP I can echo some infos that can be get from AS3. In this case I suppose to echo something like "success" or "failed" to give an answer to the login attempt. Is this way of communication secure? Can anybody sniff this content and force AS3 to behave like if login was successful?
2) Suppose that PHP-AS3 communication has been secured. What should I do now? May I simply show admin pages hidden before? Is it the correct way? Is it secure?
I'm trying to build a secure login area on a Flash-AS3 website. I've managed to create the login form and pass data to a PHP script which checks them. Now I've got some questions.
1) I know that in PHP I can echo some infos that can be get from AS3. In this case I suppose to echo something like "success" or "failed" to give an answer to the login attempt. Is this way of communication secure? Can anybody sniff this content and force AS3 to behave like if login was successful?
2) Suppose that PHP-AS3 communication has been secured. What should I do now? May I simply show admin pages hidden before? Is it the correct way? Is it secure?
I would like to create a secure login section for a website. I have managed to build up an AS3-PHP communication where PHP checks user credentials. I am already providing data enchryption between AS3 and PHP but I would like to add some further security. Is it possible to implement a HTTPS login section?
View 5 RepliesAn Adobe FLEX 4 object loads from a webpage and runs in the browser. The connection between browser and server is secured using SSL over HTTP (HTTPS) with a secure certificate from a valid Certificate Authority.
Can FLEX code read the secure certificate information and retrieve information such as to whome the certificate was issued, when it is valid, and for what domain it was issued, etc. ?
Is flash (actionscript 2.0) secure enough to use for a website that holds personal info, password, restricted areas, ect. How can I make it secure enough if it's possible.
View 1 RepliesI have some videos that I don't want to let the realplayer be able to have downloaded with their program. Is there any actionscript or technique to block the download process, and just keep streaming the videos in the application?
View 2 RepliesI tried asking this on the Spring forums ([URL]) but did not get a response. I'm working on a web application that has an (end user) user interface built in Flex and a management user interface built using Spring MVC. I'm trying to secure both interfaces and can get each one working separately, but not together. I'm using a snapshot build of spring-flex-core 1.5.0 with Spring Security 3.1RC1 and Spring 3.1M1
[Code]...
I'm obviously missing something but while the Spring Flex documentation describes how to configure a hybrid MVC+Flex application at the servlet level it appears to only consider security from the perspective of a flex-only application.
In my flash application, I want to have information about the system the flash object is running on.Is there an object which handles this?My application runs in a browser mostly, so I also want to know the browser in which the application is running.Can I also access this directly from within the flash player or do I need to communicate with javascript then?
View 1 RepliesIn my flash application, I want to have information about the system the flash object is running on.My application runs in a browser mostly, so I also want to know the browser in which the application is running.Can I also access this directly from within the flash player or do I need to communicate with javascript then?
View 3 RepliesI am building a photography web site with flash and I found a really cool slide show extension plug in (www.slideshowpro.com) were can easily upload and update my portfolio slide shows.when I publish out to HTML, I test it in a browser and I get this warning when I click on the photography page.I read in adoby help and it said flash developers can allow communication between sites with this AS code Security. allowInsecure Domain ("nathan44. slideshowpro.com");so I added this code to my actions layer on the firs frame in "scene 1" and to the actions layer in the photography section. But nothing changed i still get this warning when ever I publish out to an HTML, when I just preview with control + enter i can view the sideshows fine.
View 4 RepliesI am using twilo client in one of my apps and it is showing following popup when I click on call buttonBut I want to show the following pop up which is lot simpler and seems less cumbersomeIs there a way to control which pop up comes on the screen? I have read some documentation of adobe but their configuration files live in users computer which ofcourse can not be changed by a website.
View 1 RepliesIs it possible to embed a flv into a swf and then run it thru an arbitrary flash player and be able to send information from the swf to a destination of my choice?The information could be some variable that is sent when the movie starts playing etc
View 0 RepliesIs it possible to embed a flv into a swf and then run it thru an arbitrary flash player and be able to send information from the swf to a destination of my choice?
The information could be some variable that is sent when the movie starts playing etc
I want to know how many number of variables are being transfered to my flash application from PHP?
View 6 RepliesI am building a Audio Recording tool using Flash and Wowza. I dont want to start the recording until the use clicks the Allow Button is the Security Pop-up question represented here [URL] In Audio I dont get this until I attach the stream to it. In Video can get thsi question when I attach the camera to Video.
I want to avoid making a connection until the user clicks Accept and this doesn't happen until I make the connection request in Audio. I am able to display the [URL] pop-up using SecurityManager Is there a way I can call the pop-up from my code. [URL]
I don't know how to ask this, but the thing is that i was thinking that how does youtube or videofy.me like video blogs send the video path & all info to a flash video player i mean when e click on any video link how does it sets up everything and displays the chosen video, because actually i've created one but in that i had to set up the whole page via flash so that it can manipulate the information like path & name of the video, and cannot use html links, php and all.. so can u people tell me how do i start up & how this process is done & what i need to do & other important things on this.. i mean sending any info to a flash player via any scripting or server side language.
View 1 RepliesI've been reading about the security restrictions for file uploads in Flash Player 10.According to the FileReference docs for upload(), the upload does not have to be triggered by a user-initiated action (the browse() does, but that's another story). If it did, that would force an awkward user experience for multi-file uploads, since only one upload can occur at once -- so the user would have to click (or press a button) once per file to initiate the upload, but only when the previous file had finished uploading.
[Code]...
I want to stop flash player security panel to appear every time in my video recorder. I apply allow and remember but still popup appears. How I can stop this popup if once user chooses allow and remember?
View 0 RepliesThis Adobe Flash Player Security box is really getting in my way. I have a button that acts as a lind to a web page It has this bit of code programmed to it:
button.addEventListener(MouseEvent.CLICK,buttonCli ck);
function buttonClick(event:MouseEvent):void {
var req:URLRequest = new URLRequest('http://...");
navigateToURL(req);
}
Can anyone tell me if calling navigateToURL() causes this security box to appear every time if you havent trusted this .swf in your flash settings? i have looked at a way to handle the "link" with javaScript but before I get too deep into something I'm not too familiar with I wanted to see if there was a way to here within flash while avoiding the flash security box.
I use a laptop which is never connected to the web for customer demos away from base. It does not have the Flash authoring environment installed either. Furthermore, a customer's own system used to run development versions of web sites using HTML with Flash content is not guaranteed to have web access either. Because some of the associated FLV files are quite large, uploading to a web host for such testing is not really viable even where clients have web access at meetings.
I have an AS3-based project which triggers Flash 10 local security protection on systems other those that used for authoring, for which the workaround is to set the source folder as trusted using the Flash Player Settings Manager. but [URL] doesn't seem to offer a useful way to avoid this problem without going on line to the Flash Player Settings Manager via an Adobe web site.
[Code]....
how to remove flash player security pop up for camera and microphone through coding.
View 4 Repliesdoes anybody know if disabling the security question in the flash player is ok? I need to know the exact facts by reference whether it is ok or not. I found some answers to this but they were assumptions but nor rigid. for instance a reference to Adobe's documentation that says any workaround is illegal.
View 1 RepliesProblem: Users of our web app are complaining how hard it is to get past Flash Player's Security Panel when they want to make video calls. (Personally, I don't see why it's hard.) We tried several things to guide them through the process, including callouts pointing to the Security Panel area with specific instructions and even an auto-play video. But still some don't get it. I think the biggest confusion is the "Close" button. Users think that it will close the app or the entire window.
Solution #1: It's possible that part of the problem is the small size and styling of the Security Panel.Is it possible to apply a style or skin to the Security Panel, so that it's larger and looks more consistent to our web app?
Solution #2: Perhaps there's also a non-technical solution. Has anyone seen a good implementation of a web app that make it easy for non-technical users to make video calls?
I am developing a player and I want to make it for only one domain usage for one download. If user needs again then again hew needs to download another version from my site. How can I make it.
View 1 Repliesdoes anybody know if disabling the security question in the flash player is ok? I need to know the exact facts by reference whether it is ok or not. I found some answers to this but they were assumptions but nor rigid. for instance a reference to Adobe's documentation that says any workaround is illegal.
View 1 RepliesI have some Flash application that loads data (external images, SWFs, XMLs) from the same domain. And it was fine until client decided to add load balancers for server. Now we have a number of complaints from users about security errors. It looks like application can't load external resources treating them as resources from different domain without crossdomain.xml.
One of users that have this problem provided us with following info:
Browser: IE 8.0
OS: Windows 7
Flash Player version: 10.1.102.64
I have spoken with server administrator and he told me that we have load balancers that work like Round-robin DNS. In its simplest implementation Round-robin DNS works by responding to DNS requests not only with a single IP address, but a list of IP addresses of several servers that host identical services. The order in which IP addresses from the list are returned is the basis for the term round robin. With each DNS response, the IP address sequence in the list is permuted. Usually, basic IP clients attempt connections with the first address returned from a DNS query so that on different connection attempts clients would receive service from different providers, thus distributing the overall load among servers.
Finally we have: SWF loaded from IP1, data requested from IP2, crossdomain.xml loaded from IP1. All of them can be accessed through the same domain, but have different IPs.Because of IPs difference, Flash Player ignores crossdomain.xml and triggers security error.I'm not sure it happens exactly like that, since for older versions of Flash Player I have found the following words:
The basis of domain comparison is the domain name, not IP address.
So, I have two questions after all of that: How exactly domain comparison for HTTP-connections works in latest versions of Flash Player? Can two resources obtained by address with same domain name but from different IPs treatened as obtained from different domains? Maybe someone have info about DNS rebinding in different browsers?