Flex and Services security

ebeyrent

I'm using Flex to build cross-domain widgets that can be embedded on any domain. These widgets consume data via Services and AMFPHP. Unfortunately, I've been notified that my site is now vulnerable to attacks because I have a liberal crossdomain.xml policy file that allows connections from any domain.

I've done some research on possible solutions. These solutions include hosting the crossdomain.xml policy file on something like api.mysite.com, or moving the crossdomain.xml file into an arbitrary directory and calling it explicitly in the Flex application. This option reduces the attack vector, but doesn't solve the problem.

Has anyone set up a subdomain for their policy file, or perhaps mitigated the risk in another way?

References:
http://blog.monstuff.com/archives/000302.html
http://www.hardened-php.net/library/poking_new_holes_with_flash_crossdom...
http://shiflett.org/blog/2006/sep/the-dangers-of-cross-domain-ajax-with-...
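As an added illustration (not part of the original post, and not ebeyrent's code), the following Python script parses a crossdomain.xml policy and flags the grants that make the liberal file described above dangerous: a `*` domain, a `secure="false"` rule, and a meta-policy that is not pinned to the master file (the "arbitrary directory" approach relies on such extra policy files being honoured). The two embedded policies are constructed samples with placeholder hostnames (example.com); real files also carry a DOCTYPE line, omitted here, and the `rule_matches` helper is a simplification of Flash Player's own matching rules. One caveat the thread does not spell out: moving the permissive file to api.mysite.com only isolates the main site if the session cookie is not also sent to that host, and a cookie scoped to the parent domain will be sent to every subdomain.

```python
"""Audit a Flash crossdomain.xml for over-broad grants (added example)."""
import xml.etree.ElementTree as ET
from fnmatch import fnmatchcase

# Constructed sample: the liberal policy the post describes, served from the
# main site. Any Flash movie on any origin may read responses, with cookies.
PERMISSIVE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" secure="false"/>
</cross-domain-policy>
"""

# Constructed sample: a policy that names only the widget hosts (placeholder
# names) and pins the meta-policy so stray policy files elsewhere are ignored.
RESTRICTED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="www.example.com"/>
  <allow-access-from domain="*.example.com"/>
</cross-domain-policy>
"""


def rule_matches(pattern, host):
    """Does one allow-access-from domain pattern admit this origin host?

    Case-insensitive glob match, with '*' alone admitting everything. This is
    a simplification of Flash Player's own matching (an assumption of this
    example), but it is enough to show which origins a rule lets in.
    """
    return pattern == "*" or fnmatchcase(host.lower(), pattern.lower())


def audit_policy(xml_text):
    """Return (severity, subject, reason) findings for one policy document."""
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        raise ValueError("root element is %r, not cross-domain-policy" % root.tag)
    findings = []

    # Meta-policy: unless pinned to master-only, policy files elsewhere on
    # the host may be loaded explicitly by a SWF and honoured.
    control = root.find("site-control")
    meta = control.get("permitted-cross-domain-policies") if control is not None else None
    if meta is None:
        findings.append(("info", "site-control",
                         'meta-policy not pinned; set permitted-cross-domain-policies="master-only"'))
    elif meta == "all":
        findings.append(("medium", "site-control",
                         "meta-policy 'all' honours any policy file anywhere on the host"))

    for rule in root.iter("allow-access-from"):
        domain = rule.get("domain", "")
        if domain == "*":
            findings.append(("high", domain,
                             "every origin may read responses with the victim's cookies attached"))
        elif domain.startswith("*."):
            findings.append(("medium", domain,
                             "subdomain wildcard trusts every host under the suffix"))
        if rule.get("secure", "true").lower() == "false":
            findings.append(("medium", domain,
                             'secure="false" lets SWFs loaded over plain HTTP use an HTTPS policy'))
    return findings


def worst_severity(findings):
    """Collapse a findings list to its most serious severity, or 'clean'."""
    order = {"high": 3, "medium": 2, "info": 1}
    return max((f[0] for f in findings), key=order.get, default="clean")


if __name__ == "__main__":
    for name, policy in (("permissive", PERMISSIVE_POLICY),
                         ("restricted", RESTRICTED_POLICY)):
        findings = audit_policy(policy)
        print("%s: %s" % (name, worst_severity(findings)))
        for severity, subject, reason in findings:
            print("  [%s] %s: %s" % (severity, subject, reason))
    # Which rules admit an origin you do not control?
    for pattern in ("*", "*.example.com", "www.example.com"):
        print(pattern, "admits evil.example.net:",
              rule_matches(pattern, "evil.example.net"))
```

Run it against your own policy by reading the file into `audit_policy`; anything rated "high" means every site on the web can make authenticated requests to that host through a visitor's browser and read the responses.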

Comments

ebeyrent:

Anyone got any suggestions?

Interesting conundrum

christefano:

Interesting conundrum. As I delve more into Services I'm curious what others are doing about this, too. I think the only other option is to hardcode the domains in your app.

Thanks for the references!

I ended up solving this

ebeyrent:

I ended up solving this issue by writing a forwarder script, hosted on a subdomain. I wrote up some documentation about my solution, which can be viewed here:

http://beyrent.net/2008/07/07/drupal-and-sane-flash-remoting
