Alerting customers of customers

How could Adobe have handled WordPress better? I’m still thinking about that “Uploading Gone in Flash 10” piece last week, from Allen Stern.

Background: Adobe Flash Player 10 had to move to a stricter security model in a number of ways, including explicit user permission for file uploads. There’s been much ongoing guidance, and people who make SWF themselves seem to have made this jump successfully. But there has been higher-than-normal pain among JavaScript developers, bloggers, and video sites: they may not actually create SWF themselves, but they rely on SWFs made by Adobe’s customers. These folks didn’t get the word.

How can things be improved? I don’t know. Do you have ideas?

2 Responses to Alerting customers of customers

  1. Matt Round says:

    Perhaps Flash needs clearly visible errors for security model breaches, rather than quietly failing? Anything that’s been built/embedded in a way that means it runs into problems with user event or cross-domain issues has fundamental problems a developer needs to fix, so shouting about it might make sense.

  2. Jens Moller says:

    Why is there no way to allow a user to select that they want to allow uploads to a site, and just have to do it once, to allow this functionality to work like it used to? For all that Flash has added, Adobe seems not to understand why people use the product.
    [jd sez: There are security sensitivities to “eternal permissions”… DNS-pinnning alone would make it vulnerable.]