Comments on: new flash security policies

By: Tom

Tom — Tue, 09 Jun 2009 13:41:38 +0000

The arrogance!

Who do Adobe think they are that they can introduce a new protocol on a privileged port into the web?

This is infuriating. It’s a waste of bandwidth and a waste of time. Adobe Flash isn’t so important to me that I want to invest ANYTHING in learning and supporting their security model, only to have it change on me in the next version and require another 5 hours of reading and implementation!

I just need low-level sockets in my web applications. When this is natively available in common browsers it’s bye-bye to Adobe and their CS-undergrad-student-project approach to security.

Hopefully firewall makers will boycott this stupidity.

By: Sampath

Sampath — Sat, 25 Apr 2009 07:01:38 +0000

We got following Error messages…
only client side (Chat Window)..
Error: Connection to socket server failed (Flash Security Error).

how to fix this issue.. please give some extra tips..

by
SR

By: Tran Minh

Tran Minh — Fri, 24 Apr 2009 03:23:08 +0000

.net policy server here : http://code.google.com/p/flash-policy-server

By: Tran Minh

Tran Minh — Wed, 16 Jul 2008 07:28:40 +0000

I have created the policy server in .net. Anyone needs the source code can drop me a mail (info@epioneersolutions.com).

Thanks for this great article.

By: This sucks

This sucks — Fri, 09 May 2008 21:24:33 +0000

Well damn it i used to be able to play flash games at work and now adobe f-ed this all up. I am not a happy camper and want to play some one please tell me what to do. I hate big brother!

By: Gabriel

Gabriel — Wed, 30 Apr 2008 22:42:25 +0000

For those who have multiple servers i.e. some web servers on one side and a xml (or not) socket server on another side, the “master policy socket server” ™ has to run on the socket server, not the web servers. This would have been overkill to have to run some crappy socket server on every single web server serving SWF files.
Shame on Adobe they are not even using “virtual hosts” on the policy server, it is therefore not possible to run separate policies (for separate domains or on shared socket server hosting) from the same master policy server.
We are back to the problems we had 30 years earlier with FTP and HTTP/1.0 needing an IP for every single domain name. Not to mention how much companies are using secured applications with Flash as a frontend, directly from firewalled and/or secured vpn connections, obviously allowing only connections to port 80.
What a massive turn on for competitors like Silverlight…

By: Untitled :: Blog Archive » flash policy service daemon

Untitled :: Blog Archive » flash policy service daemon — Tue, 22 Apr 2008 09:05:21 +0000

[...] policy service daemon Well, it’s been months since I promised to post some usable socket policy service code, so I [...]

By: Untitled :: Blog Archive » flash socket policies update

Untitled :: Blog Archive » flash socket policies update — Mon, 21 Apr 2008 18:57:06 +0000

[...] socket policies update I’ve been getting a lot of positive feedback recently on the post I made last December on this topic, so it’s probably time to post an [...]

By: Tom

Tom — Sat, 19 Apr 2008 23:21:32 +0000

Bad point for Adobe! Now I have to configure all my servers, my customers call me every time arrrrfff!!!!!

I have just a problem with a Java socket server, I receive the “” from the Flash player and I send the cross-domain XML but it fails!!

Is someone has an example of XML syntax which works ???

Thanks u so much!

By: Paraschiv Sergiu

Paraschiv Sergiu — Sat, 19 Apr 2008 10:05:53 +0000

Me again )

It seems that whenever the swf does not connect due to problems with the 843 policy server (don’t know why these problems appear), the swf sends, as expected, a policy-file-request. If you correctly respond to this request then the swf reconnects and all is ok.
I does not work if I stop the 843 policy server, so this is just a failsafe!