Solved

Flash and SSL: Encrypted?

Posted on 2007-03-27
5
497 Views
Last Modified: 2012-05-05
Hello, I have two questions relating to flash and SSL encryption:

If I made a .swf (Flash 7) contact form that returned all results to a database on my server:

a.  Would the transfer of information be secure if the .swf file was embedded
       in an HTML page viewed with a secure 128 bit SSL connection?

b. Could the transfer of information be made secure even if the .swf was
       embedded in an HTML page that was NOT viewed with a secure 128 bit SSL connection?

Please explain secure socket layers as they relate to Flash.

Thanks!


0
Comment
Question by:hankknight
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 37

Expert Comment

by:CyanBlue
ID: 18801357
Howdy...

There isn't much to explain there, I think...
If Flash is making HTTPS call, the data that Flash sends to the server is as secure as HTTPS provides...  Not sure if that answers your question though...

CyanBlue
0
 
LVL 16

Author Comment

by:hankknight
ID: 18801682
So if I place a .SWF contact form (that asks for a credit card and places it in my database ) in an HTML webpage that is SSL the information will be passed securely?
0
 
LVL 37

Accepted Solution

by:
CyanBlue earned 500 total points
ID: 18801717
Only if you are actually making HTTPS call from the Flash...  Something like this...

_lv.sendAndLoad("https://www.domain.com/script.php", _lv, "POST");

I have not much experience with working with SSL, so I don't know if this will work or not though...

_lv.sendAndLoad("script.php", _lv, "POST");

CyanBlue
0
 
LVL 16

Author Comment

by:hankknight
ID: 18801928
OK, so is it correct that a .swf contact form could be secure even on an insecure HTML page if this was done?

_lv.sendAndLoad("https://www.domain.com/script.php", _lv, "POST");
0
 
LVL 37

Expert Comment

by:CyanBlue
ID: 18802047
That's how I understand it but I could be wrong...
You can do a simple test if you have SSL access...  Just make that call from the HTTP and use a packet sniffer to see if you can see the data you are sending out...  

CyanBlue
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here are some practices and techniques that can be adopted into your Flash/Flex application development process. Note: Not all "performance tips" provide an immediately-recognizable benefit.   This article does not include timing validation data,…
In my long career of working as an actionscript developer, I had spent sleepless night often working hard to solve some small problems which actually took a lot of my development time; later found out the solutions to be a line or two. Here are s…
In this tutorial viewers will learn how to create a basic shape tween animation in Flash including shape hints for smooth animation Open a new document in Flash: Draw a shape: Select another frame (how long you want the tween to be): Right click and…
The goal of the tutorial is to teach the user how to select which audio input to use. Once you have an audio input plugged into the laptop or computer, you will go into the audio input settings and choose which audio input you want to use.

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question