dcsimg
A Flash Developer Resource Site

Page 4 of 5 FirstFirst 12345 LastLast
Results 61 to 80 of 86

Thread: #### Admin note regarding footers ####

  1. #61
    Senior Member
    Join Date
    Jul 2000
    Posts
    192
    Originally posted by tiGRAN=-2001
    and..how can you prevent that?
    that seems easy for a hacker
    It wasn't, thats why you guys get no flash footers. Quit crying like babies over a footer on a message board somewhere on the internet.

  2. #62
    Guest User Damaso's Avatar
    Join Date
    Dec 2000
    Location
    florida
    Posts
    213
    Who cares about footer anyway?

  3. #63
    FK's Pro Snowboarder dpark's Avatar
    Join Date
    May 2002
    Location
    Canada
    Posts
    68

    That Was A Mistake

    Ummm... I don't really care about the footers... but I think everyone is going to take that personally... if you see any torches blowing fire your way... step back at least 30 feet... mmmkkkkaaayyyy?

  4. #64
    FK's Super Loquacious Randomite ad_mtk2's Avatar
    Join Date
    Jun 2001
    Location
    ‡‡ Calgary, AB ‡‡ Born of bread in Bristol, UK
    Posts
    1,273

    Re: That Was A Mistake

    Originally posted by dpark
    Ummm... I don't really care about the footers... but I think everyone is going to take that personally... if you see any torches blowing fire your way... step back at least 30 feet... mmmkkkkaaayyyy?

  5. #65
    FK's Super Loquacious Randomite ad_mtk2's Avatar
    Join Date
    Jun 2001
    Location
    ‡‡ Calgary, AB ‡‡ Born of bread in Bristol, UK
    Posts
    1,273
    Originally posted by tiGRAN=-2001
    I just posted a new thread asking this question, then i saw this thread, and went back to delete it

    Originally posted by ad_mtk2
    But if you don't bring them back, then i'll just have to make a screenshot of my footer and save as .gif!!!
    Bye for now
    no need for screenshot,
    you could just publish it as a .jpg or .gif
    That wont work as i have movie clips flying around the place and they wont show on the footer...unless you know other wise???

  6. #66
    G-Mace cougrhky20's Avatar
    Join Date
    Aug 2001
    Location
    Northern Virginia
    Posts
    156
    You'd think in a nice community like this one there wouldn't be any problems like people stealing other people's cookies.

    About the footers, Id like to have the footers stay whether or not their flash really doesn't matter to me, but the footers allow us to personalize our posts. I guess if you already have your title and pic it doesnt matter, however for lil people like me crawling to the top the footer is all I have...

  7. #67
    Senior Member
    Join Date
    Jun 2001
    Posts
    136
    This is a security issue inherent to the functionality of flash, and exists anywhere where a site allows a third party to run a flash movie on their site.

    The good thing is flash movies on flashkit can only access cookies from the flashkit domain. So if flashkit want to enable flash footers, it's really an issue over the data flashkit stores in it's cookies, and how this could be used in the wrong hands. I guess some private encryption of the data within the cookies would make it secure, as any accessable data such as username and password would be unreadable to a third party.

    Provided it is not possible to create a replica fake cookie from scratch, using data in a real one, (I don't currently know of a way), surely this would solve the problem?

    Mike

  8. #68
    I miss mine too, but I am learning that nothing is safe out here.
    FK? You take all the time you need to!
    I'm behind 'ya.

    If there are any good programers out there, this might be insriration to help find an answer to this, and other security problems. I wish I could help, but right now, I just don't know how to help, other than to give Flash Kit
    All my support in this matter.

    Keep up the great work, Flash Kit

  9. #69
    Junior Member
    Join Date
    Feb 2001
    Posts
    23
    wouldnt it be possable to restrict the footers to earlyer versions of flash, flash wont let you use flash 5&6 commands if you publish it for flash 4. If you where to find away to restrict it to befor the actionscript that the bug is comeing from was there I wouldnt think you would have a problem..

    other then inforceing it.. even then you could probly make some kind of php script to..


  10. #70
    Gross Pecululatarian Ed Mack's Avatar
    Join Date
    Dec 2001
    Location
    UK
    Posts
    2,954
    Flash 4 had a getURL though.. It can access javascript. How about after the users sign in, it only sotres their names and wheter they are logged or not, and then passwords are not needed if you have the right cookie under the FK domain? It may require editing of the boards, but nobody could get your password. The problem with encrypting it is that it is used in the password field above ^^^^.

  11. #71
    Senior Member
    Join Date
    Jun 2001
    Posts
    136
    Bespoke encryption on cookie data would work provided it was decrypted server side, and provided it was not possible to fake a cookie. These can normally only be set by the same domain that reads them i.e. flaskkit.com. The encryption would prevent the hacker logging in manually with any cookie data, and by the very nature of cookies he would not be able to use someone else's cookie data to masquerade himself as authenticated.

    However I've just released there's a fatal flaw in this plan whereby it is in fact very easy to fake a cookie using someone else's data, so in fact it wouldn't work at all...

    The only other possible solution I can think of, which is quite cunning, is to throw up a JavaScript error on the page to prevent all other JavaScript from executing.

    That's a terrible solution in practice, but would in theory work

    Seems removing authentication via cookies is the only logical way forward. I can't see MM doing anything because it's not a bug, and even if they did, the ability to misuse it in this case is already out there.

    Mike

  12. #72

    Thumbs up

    Well, seeing as I hadn't myself created or even considered a flash footer, this hasn't quite hit home with me, although I did enjoy seeing what could be done within those confines. Quite impressed was I. And now we've but plain images to go on. Heh but still, anyone trying to thieve cookies by this method has too much free time, in my estimation. Well, good luck on the resolution, and I support FK in their decision here as well.

    Later folks,
    Joe

  13. #73
    FLESRUOYLLIK
    Join Date
    Jul 2000
    Location
    Behind you…
    Posts
    118

    Re: who cares about a footer?

    I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.

  14. #74
    N' then I might just
    Jump back on
    An' ride
    Like a cowboy
    Into the dawn
    ........To Montana.
    david petley's Avatar
    Join Date
    Jun 2000
    Location
    not in Montana ™
    Posts
    10,192

    Re: Re: who cares about a footer?

    Originally posted by electrolux3
    I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.
    never mind, put in a picture (remember the limitations on size, they still apply) and you can have two lines of text which can still be links to sites you want to show off.

    If footers to advertise yourself are the only reason you come here, then you are missing out about 99.9% of what this site is about.

    So no, that is not what this site is all about. In fact, the footers are probably the most useless part of this site.

    People should just forget about them, they are history by the looks of it.

    david p.

  15. #75
    curmudgeon swampy's Avatar
    Join Date
    Jan 2001
    Location
    [wakey]
    Posts
    2,775
    Originally posted by electrolux3
    I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.
    No it isn't. Flash development is the business I am in. I have a nice job which pays well, I could care less who visits my site. I'm not out for fame, just a comfortable life.

  16. #76
    FLESRUOYLLIK
    Join Date
    Jul 2000
    Location
    Behind you…
    Posts
    118

    oh

    Originally posted by swampy
    Originally posted by electrolux3
    I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.
    No it isn't. Flash development is the business I am in. I have a nice job which pays well, I could care less who visits my site. I'm not out for fame, just a comfortable life.
    well as long as you're alright.

    the 99.9% of this site that I'm missing is the 99.9% that I don't want to know about, i've got a low boredom threshold and can just about manage 0.1% of this site- and thats only about once every couple of months

  17. #77
    N' then I might just
    Jump back on
    An' ride
    Like a cowboy
    Into the dawn
    ........To Montana.
    david petley's Avatar
    Join Date
    Jun 2000
    Location
    not in Montana ™
    Posts
    10,192

    Re: oh

    Originally posted by electrolux3

    well as long as you're alright.

    the 99.9% of this site that I'm missing is the 99.9% that I don't want to know about, i've got a low boredom threshold and can just about manage 0.1% of this site- and thats only about once every couple of months
    shrug,
    you're sorely missed.

    Maybe Flashkit should just ask you to take out a banner ad and pay for your advertising like other advertisers who have no real interest in the site.

    BTW, you will notice that the banners have one advantage over the footers........they still work.

    dp

  18. #78
    FK's Super Loquacious Randomite ad_mtk2's Avatar
    Join Date
    Jun 2001
    Location
    ‡‡ Calgary, AB ‡‡ Born of bread in Bristol, UK
    Posts
    1,273

    Re: Re: oh

    Originally posted by david petley
    BTW, you will notice that the banners have one advantage over the footers........they still work.
    dp
    well said that man in the blue hat.

  19. #79
    Griffhiggins 2.2 clifgriffin's Avatar
    Join Date
    May 2001
    Location
    Your Bathroom! Bwahahaha!
    Posts
    1,383
    I find it hard to believe this isn't an issue that can be resolved without ditching flash footers.

    That said, you could always have an approval system.

    You submit your desired flash footer with the source and it is qued to be reviewed by the mods at their leisure.

    This is one way you could prevent security breaches.

    Just an idea.

  20. #80
    FK's Resident Butt Clencher !! buttclencher's Avatar
    Join Date
    Dec 2001
    Location
    mumbai
    Posts
    24
    Originally posted by KLTdesigns5869
    Originally posted by buttclencher
    hey
    pliz give my footer back
    i dont have a domain so i dont have remote support for pictures !!
    i got to have a flash footer
    and u gotta let me have it !!
    are u listening mr administrator !!

    You have a domain that will host a flash file, but not an image file???

    weird

    hehehehehe
    the truth is i dont have a domain of mah own !!

    mah site is hosted on brinkster !!
    and as far as mah knowledge goes brinkster does not have remote support for pictures !!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center