WebApp Sec mailing list archives
Re:Flash sites
From: "leorl" <leorl () uol com br>
Date: Wed, 3 Sep 2003 15:03:02 -0300
Hi! I've worked with Flash from sometime and what I know is that there's no 'secure' flash file, as anyone can disassemble it. This is a pain to any Flash developer and makes us think that anyone can steal our job... I guess this is a concern in auditing flash sites, because if you have a form of any kind or any other retrival inside flash, someone can see it. Maybe you could do some backend security to increase your 'safety', as requiring the request for a certain info to be from the same host, but I don't know that part... Hope this helps. Please reply and correct me! Leo.
Hello all, If a web site contains only flash files and has no write permissions to modify those flash files, no default files or other potentially dangerous scripts can we say that is the "safest" form of a web site ? Are there any other concerns in auditing a flash based site ? Thanks John __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
--- Acabe com aquelas janelinhas que pulam na sua tela. AntiPop-up UOL - É grátis! http://antipopup.uol.com.br
Current thread:
- Re: Flash sites, (continued)
- Re: Flash sites Thomas Chiverton (Sep 04)
- Re: Flash sites RSnake (Sep 04)
- Re: Flash sites Max Moser (Sep 04)
- Re: Flash sites RSnake (Sep 04)
- Re: Flash sites Jean-Jacques Halans (Sep 04)
- Re: Flash sites Jeremiah Grossman (Sep 04)
- Re: Flash sites ADex (Sep 06)
- RE: Flash sites Nick Duda (Sep 03)
- RE: Flash sites Mathew C. Beckman (Sep 04)
- RE: Flash sites Piet Carpentier (Sep 04)
- Re:Flash sites leorl (Sep 04)
- FW: Flash sites GRIFFITHS ian (Sep 05)