Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherFLASH MEDIA SERVER 2-DEVELOPING MEDIA APPLICATIONS
919293949596979899100
96 Application Development Tips and Tricks
To use RTMPS, you replace rtmp in your NetConnection.connect call with rtmps. If you
dont specify a port number, Flash Player connects on the default secure port, port 443. A
secure port is designated with a minus sign. For example, <HostPort>:1935,80,-443</
HostPort>. This example specifies that Flash Media Player listens on any interface on port
1935, 80, and 443, where 443 is designated as a secure port that receives only RTMPS
connections. Attempting an RTMPS connection to 1935 or 80 results in a failure to connect.
Similarly, an RTMP connection to port 443 fails.
Confirm the location of the client SWF file. When you deploy a Flash Media Server
application, use a server-side script to verify that connecting SWF files are coming from the
location you expect (and not from an unknown computer). You can do this by checking the
client.referrer property of the client object before the server accepts the connection.
Use server-side script precautions. In server-side scripts, do not use procedures that a
malicious application can call. Procedures attached to client objects are particularly
vulnerable. Procedures to be aware of include writing to the hard disk without checking the
quantity of data being written, procedures that can be infinitely looped, and so on. If you are
integrating third-party code, you must also protect your application against malice and bugs.
For more information, see “Protecting scripts from third-party code” on page 96.
Protecting scripts from third-party code
Flash Media Server has a powerful script security model that lets you safely integrate third-
party code in an FMS application. For example, you could use the security model to prevent
file access or outbound network connections from third-party code. You should also protect
code in an extensible application that allows users to download third-party plug-ins and load
them into the FMS application.To safely integrate third-party code you must protect any
object in your application code that, if accessed by malicious or buggy third-party code, could
cause damage.
TIP
You cannot use RTMPS to establish a connection from one Flash Media Server to
another if the server being connected to is behind a firewall that is rejecting RTMP data.
A workaround is to cluster all Flash Media Servers behind the same firewall.
CAUTION
The Flash Media Server script security model is not designed to detect or prevent third-
party coding errors such as infinite loops.