Interesting article written by Peleus Uhley for the Adobe Developer Center about creating more secure SWF web applications.
This article will help you set all the security to protect your SWF from threats, for example:
- Cross-domain privilege escalation
- Malicious data injection
- Script injection into the browser
- Insufficient authorization restrictions
- Unauthorized access to data in transit
- Unauthorized local data access
- Cross-site request forgery
- DNS rebinding
The article ends by a useful ‘auditor checklist’ for controlling dangerous functions.
I warmly advice this article!