W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2008

Re: [AC] Preflight-less POST

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Fri, 11 Jul 2008 00:01:03 +0200
To: "Anne van Kesteren" <annevk@opera.com>
Cc: "Webapps WG" <public-webapps@w3.org>
Message-ID: <7b1d74h8cu93kh35mr6emi8104t57fdeh4@hive.bjoern.hoehrmann.de>

* Anne van Kesteren wrote:
>It seems Björn has some other data than I have. I used the following  
>simple page together with request sniffing
>
>   http://blog.monstuff.com/Flash4AJAX/static/Xdomain.html
>
>to figure out if everything had a preflight /crossdomain.xml GET request.  
>Using Flash 9 on Ubuntu this appeared to be the case.

The address I gave explains one way to reproduce my results. Adobe Flash
offers a variety of methods to dispatch requests to web servers and they
do not all have the exact same security restrictions.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Thursday, 10 July 2008 22:01:42 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:27 GMT