flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jude <flexcapaci...@gmail.com>
Subject Re: AIR Badge Installer Cookies and SSL
Date Fri, 04 Dec 2015 01:08:12 GMT
I looked into that page but don't know where I should use this URL. I think
the Flash badge.swf is making a direct call to the URL. If that's true then
we need a new swf that will call the "https" URL not the "http". I don't
see a similar URL in any of the
https://www.radii8.com/updates/badge_installer.html source.

On Thu, Dec 3, 2015 at 2:07 AM, Marcus Fritze <marcus.fritze@googlemail.com>

> This link should work
> https://fpdownload.adobe.com/air/browserapi/air.swf
> explained here:
> https://forums.adobe.com/thread/1098726
> Greetings
> Marcus
> Am 03.12.2015 um 10:37 schrieb jude <flexcapacitor@gmail.com>:
> A few posts ago I linked to the download page for Radiate. I purchased SSL
> on it a few months ago but when viewing the download page Firefox is
> showing warnings. None of the images were to blame so I checked the
> embedded badge_installer.html
> <https://www.radii8.com/updates/badge_installer.html> iframe and found it
> was causing the issues. I went through everything on the page (because
> obviously I want a secure connection) and changed every URL to use "https://".
> It still generated an warning so I checked the net connection and found it
> is pulling in "http://airdownload.adobe.com/air/browserapi/air.swf".
> It also contains a cookie that has my name and other details in clear
> text. I removed all the values:
> s_vi=;
> s_pers= s_fid=;
> s_vs=;
> gpv=adobe.com%3Aflashplatform%3Areference%3Aactionscript%3A3%3Aair%3Adesktop%3Aurlfilepromise;
> s_nr=;;
> UID=;
> AMCV_@AdobeOrg=;
> mbox=session#1234#PC#1234#1234;
> s_fid=;
> dtLatC=-la;
> dtPC=-;
> SCREENNAME=Full Name was here;
> s_cc=;
> dtCookie=;
> AIR_AB=live
> 1
> The page is here, https://www.radii8.com/updates/badge_installer.html.
> You can view source. I'm sure this is just analytics but the fact that my
> full name, my location, my pc id and other unknown information was sent in
> clear text over an unsecured "http" network call is a major issue in my
> book. Is there anyway I can fix this? First make the connection secure, and
> second, remove or limit the tracking cookies?
> NOTE: In addition this file was not available over https, "
> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab".
> It throws a 404.
> PS If you had wanted to try Radiate and don't want to use the badge
> installer there are direct links to the files on the download page.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message