The problem is if they took that approach, the vague security hole would continue to exist - a potential exploit would simply need to compile for an old version of the player.
It's awful, but I wouldn't really say it's an "stupid" decision. As soon as they decided to cripple the functionality, making it global is the only way to go. It's a no-win situation. This is also the way certain similar security decisions have been made in the past. I think the only real solution would be to let it work as usual, BUT add an optional checkbox to the file browsing dialog that would let the user disable further dialogs from that Flash movie (or at least THEN make it respond to events only), in the same vein Google Chrome does with Javascript dialog popups. It works very well to combat the focus-stealing exploits, and I'm not sure why Adobe didn't take that route instead. Zeh On Fri, Oct 17, 2008 at 4:47 PM, Juan Pablo Califano < [EMAIL PROTECTED]> wrote: > Not that it doesn't work, necessarily, but now the browse() method will > only > be callable in response to a user action, not programatically. > > http://theflashblog.com/?p=423 > > In my opinion, this change would be ok if it were applicable only to swf's > compiled for version 10 or greater, but changing an existing API in a > way that deliverately breaks existing content that has been working for > years is a stupid decision and a serious lack of respect to users of the > platform (end users and developers), to say the least. > > > Cheers > Juan Pablo Califano > > > 2008/10/17, Merrill, Jason <[EMAIL PROTECTED]>: > > > > HOLD THE PHONE. So are you saying FileReference upload no longer works > in > > AS2/AM1 published .swfs in Flash 10????? If so, that IS VERY BAD and > will > > break many applications. > > > > Jason Merrill > > Bank of America > > GCIB & Staff Support L&LD > > Instructional Technology & Media > > Join the Bank of America Flash Platform Developer Community > > Are you a Bank of America associate interested in innovative learning > ideas > > and technologies? > > Check out our internal Innovative Learning Blog & subscribe. > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto: > > [EMAIL PROTECTED] On Behalf Of Dave Segal > > Sent: Friday, October 17, 2008 2:18 PM > > To: 'Flash Coders List' > > Subject: [Flashcoders] Flash 10 file upload > > > > The new Flash 10 security restriction on file upload and lack of backward > > compatibility is killing me. What was Adobe thinking unleashing this > > nightmare and breaking working applications? Is there any quick fix for > > this besides recoding old swfs? > > > > _______________________________________________ > > Flashcoders mailing list > > Flashcoders@chattyfig.figleaf.com > > http://chattyfig.figleaf.com/mailman/listinfo/flashcoders > > > > _______________________________________________ > > Flashcoders mailing list > > Flashcoders@chattyfig.figleaf.com > > http://chattyfig.figleaf.com/mailman/listinfo/flashcoders > > > _______________________________________________ > Flashcoders mailing list > Flashcoders@chattyfig.figleaf.com > http://chattyfig.figleaf.com/mailman/listinfo/flashcoders > _______________________________________________ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
