Flash, sockets and policy-file-request

If you are making a flash client for your protocol or server and receive <policy-file-request/>. on your server (let’s say with a sniffer), that’s because flash version newer than 9.0.115 has changed the security policy.
Here is the explanation of the new security policy. In brief, the flash application tries to connect to port 843 of the server where the socket needs to be connected to fetch a crossdomain.xml .
This article explains how it works and gives two flashpolicyd (flash policy daemon), one version in perl, another one in python, they are both in that archive.
I also found one in ruby that handles timeouts and errors.

Maybe I will take the one in python, daemonize it, add better error handling, and will package it for ubuntu, but maybe only 🙂

Advertisements

1 Comment »

  1. rage said

    Here is a http://www.leblebistudio.com/policy-file-request-hatasi-ve-cozumu/ Policy File Request Solution.

RSS feed for comments on this post · TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: