Whats a valid strategy for a secure image upload from a flash client?

Posted by WillyCornbread on Stack Overflow See other posts from Stack Overflow or by WillyCornbread
Published on 2010-04-27T01:08:41Z Indexed on 2010/04/27 1:13 UTC
Read the original article Hit count: 265

Filed under:

actionscript

|

authenticate

|

flash

|

security

Hi all -

I'm creating a flash application that will post images to a url for saving to disk/display later. I was wondering what are some suggested strategies for making this secure enough so that the upload is verified as coming from the application and not just some random form post.

Is it reliable enough to check referring location realizing that I don't need bulletproof security, or perhaps setting authentication headers is a better strategy even though it seems unreliable from what I have read.

Thanks for any advice - b

© Stack Overflow or respective owner

Related posts about actionscript

actionscript - testing actionscript via command line

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I would like to know if is there any easy way to test actionscript by using some kind of application like ruby's irb or javasctip spidermonkey where you can just open up your terminal and type the code straight away. This would be a good time saver when speaking of actionscript, since to test… >>> More
using SeekToNavCuePoint with Custom Cue Points created by ActionScript

as seen on Stack Overflow - Search for 'Stack Overflow'
i have custom flvPlayBack player, i want to do like add Custom CuePoints using ActionScript and making one button Event , On click of that button , Flv should seek to that CuePoints added using ActionScript . I am using below code to do that. var rtn_obj:Object; //create cue point object my_FLVPlybk… >>> More
How's ActionScript 3.0 supported on symbian,android,iphone and windowCE?

as seen on Stack Overflow - Search for 'Stack Overflow'
Anyone knows? To deal with all the things you can do with FMS3, you have two additional language Application Program Interfaces (APIs). Both APIs are extensions of ActionScript and are called Client-Side Media ActionScript and Server-Side Media ActionScript, or in this book, simply… >>> More
Embed custom font in Actionscript 3 project

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to display "Hello World" with calibri.ttf using only AC3. How would I do that? Found two solutions on the web but I cannot use any of them - The Adobe documentation site requires the use of Flash CS4. (Don't know how to use this in Flex Builder) - The embed tag method requires FLEX SDK Is… >>> More
Embed custom font in Actionscript 3 project

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to display "Hello World" with calibri.ttf using only AC3. How would I do that? Found two solutions on the web but I cannot use any of them - The Adobe documentation site requires the use of Flash CS4. (Don't know how to use this in Flex Builder) - The embed tag method requires FLEX SDK Is… >>> More

Related posts about authenticate

Authenticate with SharePoint's authenticate.asxm web service

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am trying to authenticate with the sharepoint authenticate web service in an account I have. I get an error saying NotInFormsAuthenticationMode. How do I change it from forms to none or windows? I tried with: myReference.Authentication auth = new myReference.Authentication(); … >>> More
Exchange 2007 Owa (OnlineVersion) can not authenticate

as seen on Server Fault - Search for 'Server Fault'
Exchange Authentication dll: https://red002.mail.emea.microsoftonline.com/owa/auth/owaauth.dll sending style is: request.Method = "POST"; request.ContentType = "application/x-www-form-urlencoded"; And sending following message destination=https://red002.mail.emea.microsoftonline.com/owa/testuser@xxxserver… >>> More
Unable to authenticate Windows XP clients agains Snow Leopard Server PDC after 10.6.2 upgrade

as seen on Server Fault - Search for 'Server Fault'
I have setup a Snow Leopard Server 10.6.1 as a PDC without problems to authenticate Windows XP clients. Joining a Windows XP client to the SLS PDC Domain and log in from a Windows XP client to the SLS PDC Domain are working. After the update to Snow Leopard Server 10.6.2 the authentication is broken… >>> More
Trying to connect to QuickBooks via Web Connect in asp.net

as seen on Stack Overflow - Search for 'Stack Overflow'
I don't know if any of you have had experience with QuickBooks integration, but I have to try :) I downloaded QuickBooks Free Simple Start, Quickbooks Web Connector and Web Service sample code ... I've read Web Connector manual and followed instructions but, when using authenticate function, I always… >>> More
Authenticating a single request with httpclient 4.x

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an HttpClient instance that's shared by a number of threads. I would like to use it to make a single authenticated request. Because only the single request should be authenticated, I don't want to modify the HttpClient instance as described in the documentation. Here's what I've worked out… >>> More