Adobe has announced some major security changes in Flash 9. Many of these changes break network enabled Flash applications. Most notable applications that use any of the following:
- You use sockets or XMLSockets, regardless of the domain to which you are connecting
- You use addRequestHeader or URLRequest.requestHeaders in any network API call when sending or loading data cross-domain
or
- You provide access to content on remote domains as a web service provider
- You have SWFs that are exported for Flash Player 7 (SWF7) or earlier that communicate with the hosting HTML by any means
- You use “javascript:” through network APIs to communicate outside a SWF
The full release on the security issues are available here. These changes mean that many Flash applications which have worked for years under Flash 7, will need to be re-written for Flash 9. Some of these changes are so extreme that porting might not even be possible.
This looks like a real opportunity for Silverlight to pick up some market share. I would Microsoft to put a big push on about there network security model and how it would be easier to support Silverlight rather dealing with the new Flash 9 security model.