Kyle Simpson's Gravatar Kyle Simpson's Profile

About Me:

Last 10 Comments

1

I've got a project called 'flXHR' http://flxhr.flensed.com/ which is a flash+javascript direct re-implementation of the native XHR api, but using an invisible flash object to allow cross-domain requests. Since it's API is identical, it's an easy drop-in replacement for native XHR, and can thus be used very easily with any existing code or JS frameworks (like jQuery, Dojo, etc).

Since it uses flash (specificaly 9.0.124+), it utilizes the newest, strongest implementation of Adobe's cross domain server opt-in policy to authorize such communication, which makes the communication using flXHR inherently more secure, more efficient, and less hacky than many of the other common cross-domain workarounds available right now.

In addition, by centering on the native XHR API, flXHR becomes an effective "future-proof" drop-in solution until such time as browsers extend those API's to allow for native cross-domain-safe communication.

Posted in /blog/2006/sep/the-dangers-of-cross-domain-ajax-with-flash.

Mon, 20 Apr 2009 at 10:14:41: Link

Stats

  • Member Since: 20 Apr 2009
  • Comments: 1

Web Site

shadedecho.myopenid.com

Blog Posts

Work and Books

Analog Essential PHP Security HTTP Developer's Handbook