Re: [flasher] Re: Hijacking Flash Content w/ Absolute Embed

[Gregg Caines]

The only problem with this is that the JavaScript would have to be

256 characters or less so that it can be called by a GetURL() in Flash.

If you're putting the URL check into a JavaScript on the HTML page,

then that security is easily subverted by putting the SWF in a new

HTML page... If you make the URL check from your SWF , then

that could definitely work... It would be useless in the JavaScript-

disabled browsers out there, but it should be enough to deter hi-jacking.


That's certainly a much simpler method than mine... I'd be interested

to see if the entire function could be passed through the GetURL().

It definitely seems possible...


---------------------------------------------------

Gregg Caines

n e o m e t r i x  systems inc.

http://www.neometrixsystems.com

gcainesneometrixsystems [dot] com

> Could you not call a javascript funtion or something from the Flash movie

> that looks at the URL that is loading the site? Just off the top of my

head

> right now, but I can try and explain better later. Something along the

lines

> of a framebuster type thing...

>

> HTH,

> jb