Secure XML on Client's PC

[digitaluweb]

Hi All

I am creating an application which loads images in swf. Image paths/names are loading from xml. XML will be dynamically generated with asp.net. Users will download SWF, XML and images as a (ZIP) package from our server for multimedia CD or their own website.
My question:
NOW, how can i secure my swf and XML so useres wont be able to add new content by modifying tags in xml? We dont want users to add/modify content by themselves. How can i secure my swf or xml?

P.N. * users will use our package offline!

[nunomira]

hi,

As long as I know, that's impossible to do.
An XML file is a simple text file, so as long as you give it to the user, she'll be able to change it in any text editor.

With all the decompilers and swf to fla tools available, the same stands true for the .swf file.
You may try an encrypter, but that will only make things more difficult, not protected.

[PAlexC]

The only thing I can think of would be to wrap using something like Zinc. I'm not sure it'll let you do this, but what you would have it do is check the modified date of the XML file and decide whether to use it based on that or not.

...of course, they could always switch out the assets referenced by that xml file as well.

It sounds like they "build" their package with a web app, and then it creates a zip for them to download, correct?

I'd look into having the server compile one or more swf's, then obfuscate them. Your packages would then be all swf, not a combination of swf/xml/images. I'm assuming you could have both a compiler and obfuscator run on a server, correct?

[Chris_Seahorn]

This was already asked in XML.