In reading over the Adobe AIR 1.5.2 Release Notes, the most noticeable change for end-users seems to be a friendlier install screen for signed apps. The AIR application installer panel that displays the publisher identity has been simplified when an application is signed with a chained certificate Sure enough, it is a much more welcoming […]
Adobe AIR 1.5.2 – Friendly Install Screen Read More »
After having deployed many AIR apps with self-signed certificates over the past year or so, when I finally got one from a certificate authority I was quite happy to update my apps with it. Not so fast! You can’t update an AIR app that has been signed with a different certificate than a previously installed
Migrating AIR Apps from a Self-Signed Certificate Read More »
I had posted earlier concerning a strange issue with Flash Player 10 where the SWF would refuse to load if being served over a Java servlet. We’ve been able to resolve the issue by explicitly transferring any SWF content with a “Content-Disposition” header of “inline” as suggested by Adobe. The relevant portion of this document
Flash Player 10 Security Issue Resolution Read More »
I had heard about a security concern over Amazon’s video streaming service a few days ago with a lot of people (including some at Amazon) blaming Adobe for the security hole. Apparently, there is an exploit in their (Amazons) player that allows stream-ripping a full video. I’ve read the documentation on FMS3 security features and
Adobe Not to Blame for Amazon Exploit Read More »
I’m working on a way to proxy stream data from Flash Media Server to client applications on separate domains. There should be a simple mechanism in place to take care of such security restrictions, but since there is not, my plan is to create a proxy SWF that lives on the same domain as FMS
Juggling RTMP Stream Data Via Proxy Read More »
The documentation released along with the Apollo downloads is tremendous. Brushing through on a basic level, I’ve found the following item of interest: SWF files installed with Apollo applications do not need to look for cross-domain policy files. Capabilities that normally require another SWF file to grant access by calling the Security.allowDomain() method are not
Apollo Security Sandbox Read More »