We published a new article today that is recommended reading for anyone that is hosting, or is considering hosting, a cross-domain policy file on their site. Cross-domain policy files are a Flash Player security control that site owners can use to enable data loading between domains, which has allowed developers to make some cool and interesting mashups and apps. But you do need understand the security implications of using a cross-domain policy file, and be mindful of the security concerns and potential risks as you determine the right architecture for your site and applications.
By Emmy Huang
March 12, 2007