March 2, 2007

Dangers of crossdomain (crossdomain.xml) for flash

You will find other articles relevant to this document in these sections:
Cameron Manderson @ 8:04 am

Chris Shiflett recently posted an article on crossdomain.xml and the dangers of allowing cross-domain Ajax requests. Something to keep in the back of your mind when using public services or crossdomain.xml services. Flickr, Youtube, Yahoo and Amazon are all fixing/fixed this issue. In short separating out the public service for API that operates to its own domain is enough to stop this potential security vector.

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Furl
  • Reddit
  • YahooMyWeb

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment