All entries for Tuesday 11 March 2008
March 11, 2008
Silverlight and AIR events
Tomorrow I’m off to the Silverlight Academic Day and I’ve just registered for the AIRTour London event on 9th April – both programmes look good and it’s a good opportunity to compare roadmaps and applications. Silverlight is more of a Flash/Flex rival of course, but it will be interesting to finally be able to see how each company presents its product and what the differences are.
Reports to follow – I have some preconceptions about Silverlight that I don’t think will be overturned, namely that it’s Flash/Flex for for .NET developers and that converting a legion of Adobe design tool users to an MS Expression/Silverlight workflow is going to be almost impossible, but I think Adobe has to keep moving now that Silverlight is available and MS can push it out widely via Windows Update.
April Flash Player Security Update
Writing about web page http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_update.html
This is just a heads-up for myself really – there’s a Flash Security Update coming in April, and one of the changes might affect any uploading functionality we intend to use because we’ll need a policy file to POST and GET with additional headers:
The April 2008 Flash Player update adds a new security feature to perform a cross-domain policy file check before allowing SWFs to send headers to another domain. This change helps improve web site security by helping to defend against malicious HTTP headers sent by content from other domains. The feature will also help to mitigate a potential UPnP issue (VU#347812) in which routers fail to correctly handle unexpected header values. In order for a SWF to send a header anywhere other than its own host, the origin domain of the SWF must have explicit permission from the host to which the header is being sent, in the form of a policy file. The existing policy file model will apply, with the same file locations and ActionScript APIs, but a new syntax will be required. To specify header-sending rights, use this new tag: