[Flashcoders] should this work?
I have an application on my computer which is simply a socket listening for a connection on 127.0.0.1 port 5824. So, in AS3 I created a swf with the following code var sock:XMLSocket = new XMLSocket(); sock.connect(127.0.0.1,5824); and uploaded it to my server. Now, when I go to the web page where I uploaded the .swf, it connects to the socket in my local application -- giving me the ability to issue commands from Flash to the local machine. Repeat: the swf is running from the web server, not in the Flash sandbox... Is that correct? Or if I do try to create some Flash-localhost hybrid, will I get bitten by some sandbox/security issue in the future? ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
Re: [Flashcoders] should this work?
It would seem to be alright. If the computer opening the socket is accepting messages from Flash, why would the FlashPlayer care about that. It can not possibly tell if the person who wrote the server application at the other end of the socket has compromised the server The server administrator is letting the socket be opened so once again, why should the FlashPlayer care. The fact that the server is 127.0.01 and th server administrator is the same person driving the browser should all be lost on Flash. Flash did not break the user's security. The user did when the socket was opened up. Anyone who can get to that socket can do whatever the socket allows. On a LAN, this will be fun for hackers. Ron Lance Massey wrote: I have an application on my computer which is simply a socket listening for a connection on 127.0.0.1 port 5824. So, in AS3 I created a swf with the following code var sock:XMLSocket = new XMLSocket(); sock.connect(127.0.0.1,5824); and uploaded it to my server. Now, when I go to the web page where I uploaded the .swf, it connects to the socket in my local application -- giving me the ability to issue commands from Flash to the local machine. Repeat: the swf is running from the web server, not in the Flash sandbox... Is that correct? Or if I do try to create some Flash-localhost hybrid, will I get bitten by some sandbox/security issue in the future? ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
Re: [Flashcoders] should this work?
COOL!! On Feb 13, 2007, at 4:22 PM, Ron Wheeler wrote: It would seem to be alright. If the computer opening the socket is accepting messages from Flash, why would the FlashPlayer care about that. It can not possibly tell if the person who wrote the server application at the other end of the socket has compromised the server The server administrator is letting the socket be opened so once again, why should the FlashPlayer care. The fact that the server is 127.0.01 and th server administrator is the same person driving the browser should all be lost on Flash. Flash did not break the user's security. The user did when the socket was opened up. Anyone who can get to that socket can do whatever the socket allows. On a LAN, this will be fun for hackers. Ron Lance Massey wrote: I have an application on my computer which is simply a socket listening for a connection on 127.0.0.1 port 5824. So, in AS3 I created a swf with the following code var sock:XMLSocket = new XMLSocket(); sock.connect(127.0.0.1,5824); and uploaded it to my server. Now, when I go to the web page where I uploaded the .swf, it connects to the socket in my local application -- giving me the ability to issue commands from Flash to the local machine. Repeat: the swf is running from the web server, not in the Flash sandbox... Is that correct? Or if I do try to create some Flash-localhost hybrid, will I get bitten by some sandbox/security issue in the future? ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
