GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   What is crossdomain.xml and what is it needed for? (https://gfy.com/showthread.php?t=1041017)

tonyparra 10-08-2011 06:19 AM
What is crossdomain.xml and what is it needed for?
 
I cant find any articles newer than 2008 in google could someone explain in common terms what it is and the uses for it?

Barry-xlovecam 10-08-2011 06:42 AM
it allows you to use a xml fie from a foreign domain to yours

fris 10-08-2011 06:47 AM
Quote:
Originally Posted by tonyparra (Post 18477557)
I cant find any articles newer than 2008 in google could someone explain in common terms what it is and the uses for it?
could be for an ajax call in javascript from another domain

tonyparra 10-08-2011 07:29 AM
Quote:
Originally Posted by fris (Post 18477594)
could be for an ajax call in javascript from another domain
im getting alot of 404 errors for /crossdomain.xml for all the wordpress installs on a certain host, i was hoping it was surfers looking for something :(

blackmonsters 10-08-2011 07:51 AM
Quote:
Originally Posted by tonyparra (Post 18477651)
im getting alot of 404 errors for /crossdomain.xml for all the wordpress installs on a certain host, i was hoping it was surfers looking for something :(

You would need a crossdomain.xml to allow your flash swf file to import swf files from
another domain. Which you don't want to do unless the other domain is yours or
extremely trusted.

The 404 error you are getting is probably a "sniffer" trying to find and hack the
file.

Chris 10-08-2011 08:15 AM
someones using a really outdated vuln scanner

cooldude7 10-08-2011 09:11 AM
Quote:
Originally Posted by blackmonsters (Post 18477677)
You would need a crossdomain.xml to allow your flash swf file to import swf files from
another domain. Which you don't want to do unless the other domain is yours or
extremely trusted.

The 404 error you are getting is probably a "sniffer" trying to find and hack the
file.
:thumbsup

as far as i know,
if you permit other domains in crossdomain.xml and your flash player has preroll ads.,

then i can download your flashplayer, do reverese engg., in it remove the preroll ads script, upload it to my server and still fetch videos from your box.

but i may be wrong.

blackmonsters 10-08-2011 09:36 AM
Quote:
Originally Posted by cooldude7 (Post 18477777)
:thumbsup

as far as i know,
if you permit other domains in crossdomain.xml and your flash player has preroll ads.,

then i can download your flashplayer, do reverese engg., in it remove the preroll ads script, upload it to my server and still fetch videos from your box.

but i may be wrong.
That "can" work, but that's more work than needed to leach videos in most cases,
and you wouldn't need to have your domain in their crossdomain.xml either.

Videos are "played" rather then "imported" so no crossdomain.xml is needed to
play videos from other domains.

Bird 10-08-2011 10:09 AM
They use it in Kaltura video server for letting the flash player play at any domains in the list...

http://www.kaltura.org/solving-crossdomainxml-issue

EukerVoorn 10-08-2011 10:09 AM
Just check how youtube does it.


All times are GMT -7. The time now is 03:15 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123