Re: [flexcoders] validating a swf origin on URLRequest
On Monday 11 December 2006 17:22, marumucho wrote: 1. user accesses swf from foo.com 2. swf makes a URLRequest to foo.com/method.php 3. method.php needs to check if the swf making that request was downloaded from foo.com Unless you have a cross domain.xml it can not be any other way. -- Tom Chiverton Helping to conveniently disintermediate interdependent design-patterns This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * Your email settings: Individual Email | Traditional * To change settings online go to: http://groups.yahoo.com/group/flexcoders/join (Yahoo! ID required) * To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
[flexcoders] validating a swf origin on URLRequest
Ok, I'm pretty very sure this is impossible but just need to confirm. 1. user accesses swf from foo.com 2. swf makes a URLRequest to foo.com/method.php 3. method.php needs to check if the swf making that request was downloaded from foo.com is that remotely possible? the swf is never mentioned in the HTTPHeaders, only client info of the browser generating that request. don't really mind if that's php or any other serverside technology, just need to know if it's theoretically possible or not. thanks! ps. my apologies if this is not the place to post this, could someone direct me to where the swf action is happening today?