The basic policy for Actionscript is very close to the Javascript same-origin policy: A Flash object can only access content from the domain it originated from. There are exceptions, which I'll get into another time, but they actually aren't particularly important. This flash behavior is known and documented, but is not particularly well-understood, even within the Web Application Security community. The important difference, of course, is that flash objects are not web pages. A flash object does not need to be injected into a web page to execute- simply loading the content is enough. Let's consider the implications of this policy for a moment: If I can get a Flash object onto your server, I can execute scripts in the context of your domain.

This is a frighteningly Bad Thing. How many web sites allow users to upload files of some sort? How many of those sites serve files back to users from the same domain as the rest of the application? Nearly every one of them is vulnerable.

SlideRocket is a revolutionary new approach to presentations. It's the only presentation software that allows you to create stunning presentations, manage them intelligently, share them securely and then measure the results. SlideRocket also includes an online marketplace where you can find all the content and services you might need to make your presentations great. SlideRocket goes beyond traditional presentation tools by harnessing the power of the Internet and making everything available to you in an integrated and intuitive online interface. SlideRocket is provided in a software-as-a-service model in a variety of price points starting at free.

Please enter the URL of a YouTube movie to watch in HTML5 format:

Cairngorm is the lightweight micro-architecture for Rich Internet Applications built in Flex or AIR. A collaboration of recognized design patterns, Cairngorm exemplifies and encourages best-practices for RIA development advocated by Adobe Consulting, encourages best-practice leverage of the underlying Flex framework, while making it easier for medium to large teams of software engineers deliver medium to large scale, mission-critical Rich Internet Applications.

Mate is a tag-based, event-driven Flex framework. Flex applications are event-driven. Mate framework has been created to make it easy to handle the events your Flex application creates. Mate allows you to define who is handling those events, whether data needs to be retrieved from the server, or other events need to be triggered. In addition, Mate provides a mechanism for dependency injection to make it easy for the different parts of your application to get the data and objects they need.

Swiz is a framework for Adobe Flex that aims to bring complete simplicity to RIA development. Swiz provides Inversion of Control, event handing, and simple life cycle for asynchronous remote methods. In contrast to other major frameworks for Flex, Swiz imposes no JEE patterns on your code, no repetitive folder layouts, and no boilerplate code on your development. Swiz represents best practices learned from the top RIA developers at some of the best consulting firms in the industry, enabling Swiz to be simple, lightweight, and extremely productive.

The final release of the xmoov FLV player has lots of new and exciting features like a multi-language interface, caption support, even more styling options, a customizable context menu (right mouse click), and improved CPU usage just to name a few. We are not releasing any information on the licensing model until the new website is online but will be releasing two versions, a less featured BASIC version and a full featured PRO version.

After 2 days of researching, I've just found how to do FLV streaming the right way!

Flowplayer is an Open Source (GPL 3) video player for the Web. Use it to embed video streams into your web pages.

|< First   < Previous   11–20 (48)   Next >   Last >|