Adobe Flash Player Security Change – Prepare For Some Breaking Changes In April

Adobe is planning to release a security update for Flash Player 9 in April 2008 to strengthen the security of Adobe Flash Player.

This security update will make the optional socket policy file changes introduced in Flash Player 9,0,115,0 mandatory.

  • A socket policy file will always be required for all socket connections
  • A policy file will be required to send headers across domains.
  • The allowScriptAccess default will always be “sameDomain”
  • javascript:” URLs will be prohibited in networking APIs, except getURL(), navigateToURL(), and HTML-enabled text fields

This is probably a good thing, but I am expecting a lot innocent flash applications to get stuck in the crossfire if their developers are not prepared  or are not aware that their application will be nobbled by this update.

About James McParlane

CTO Massive Interactive. Ex Computer Whiz Kid - Now Grumpy Old Guru.
This entry was posted in JavaScript. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s