 | | | XML socket policy files on ports < 1024 (SECURITY ISSUE?) | XML socket policy files on ports < 1024 (SECURITY ISSUE?)
2004-02-17 - By Jayson K Hanes
Back
In fact, it is.
You need to define port ranges in the crossdomain.xml file..
See:
http://www.macromedia.com/devnet/mx/flash/articles/fplayer_security_03.h
tml
Example:
<?xml version= "1.0 "? >
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd " >
<!-- Policy file for xmlsocket://socks.mysite.com
-- > <cross-domain-policy >
<allow-access-from domain= "* " to-ports= "507 " / >
<allow-access-from domain= "*.mysite.com " to-ports= "507,516 " / >
<allow-access-from domain= "*.myothersite.com " to-ports= "516-523 " / >
<allow-access-from domain= "www.myothersite.com "
to-ports= "507,516-523 " / >
<allow-access-from domain= "www.mysite.com " to-ports= "* " / >
</cross-domain-policy >
Hope that helps.
-Jayson
> -- --Original Message-- --
> From: Paul Lemon [mailto:paull@(protected)]
> Sent: Tuesday, February 17, 2004 5:01 AM
> To: flashcoders@(protected)
> Subject: RE: [Flashcoders] XML socket policy files on ports < 1024
> (SECURITY ISSUE?)
=-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
Supported by Fig Leaf Software
=-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
Be sure to check the archives and the wiki:
http://chattyfig.figleaf.com/
=-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
http://chattyfig.figleaf.com/cgi-bin/ezmlm-cgi?1:mss:104422
=-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
To unsubscribe send a blank e-mail to:
Normal Mode: flashcoders-unsubscribe@(protected)
Digest Mode: flashcoders-digest-unsubscrive@(protected)
|
|
|