I don't use HTTPS here (We have a closed intranet) so I can't test if it would
work but as I understand it, you should be able to do an HTTP call from the SWF.
I suggest giving it a try and monitoring the exchange with something like
Charles. That should tell you pretty quickly whether you can
-
From: Laurence
To: flexcoders@yahoogroups.com
Sent: Monday, February 22, 2010 3:16 PM
Subject: [flexcoders] Re: Security issues SOLVED. (Mostly...)
So, you're saying that serving the .SWF via HTTPS won't automatically make
all my ColdFusion calls through HTTPS? Like, I can have
Message -
From: Laurence
To: flexcoders@yahoogroups.com
Sent: Monday, February 22, 2010 3:16 PM
Subject: [flexcoders] Re: Security issues SOLVED. (Mostly...)
So, you're saying that serving the .SWF via HTTPS won't automatically make
all my ColdFusion calls through
From the Adobe Help files:
==
Each allow-access-from tag also has the optional secure attribute, which
defaults to true. You can set the attribute to false if your policy file is on
an HTTPS server, and you want to allow SWF
Yes but HTTPS is *so* much slower than HTTP... Some of the data that we don't
need secured can get as high as 50,000 records... I only need one credit-card
number per account secured. Not much data at all...
So how, exactly, does setting the secure=false tag open it up to snooping or
An Idea...
Put the SWF on the HTTPS Server. There will be a one time hit as the user loads
the SWF. Place your secure calls to the same HTTPS server. Place the other
calls to an HTTP server.
I don't know how or even if that would work but it's worth a try.
--- In flexcoders@yahoogroups.com,
So, you're saying that serving the .SWF via HTTPS won't automatically make all
my ColdFusion calls through HTTPS? Like, I can have the majority of my calls
through HTTP, and just secure the couple of calls that need to be secured?
I thought if you served the .SWF via HTTPS, all the calls to CF
everything in the same domain and
never run local. I can't believe things have changed that much between
versions
- Original Message -
From: Laurence
To: flexcoders@yahoogroups.com
Sent: Monday, February 22, 2010 3:16 PM
Subject: [flexcoders] Re: Security issues SOLVED
8 matches
Mail list logo