incubator-flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Raju Bitter <>
Subject Re: Apache Flex 4.8, playerglobal.swc versions, FP 11.x adoption, FP versions & security
Date Wed, 23 May 2012 21:25:50 GMT
Question #5, FP security:
Apple announced that with a recent security update FP will be disabled
in Safari, if you don't have the most recent version installed.

That would mean, if you have FP 10.3 installed in Safari, Safari would
not load the SWF, but ask you to upgrade the FP version. And it would
mean as well Apple only considers the latest (11.3) version of FP to
be secure - although with Apple and Flash you don't know if they want
to make it more difficult for users to run Flash.

But my questions aimed at the case where you load an  SWF targeting FP
10.1 into a FP 11.3 plugin, if that would be less secure than loading
the 11.3 version of the application with exactly the same source code.
Since both versions of the application would use the same
bytecode/file format (SWF10), it shouldn't be a problem. The reason
I'm asking is to understand if it would make sense from a security
standpoint to provide two versions of your applications to your users,
with preference of the 11.3 version over the 10.x version - if the
user has the latest FP installed.

- Raju

View raw message