[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnash-dev] default load policy in gnashrc
From: |
Rob Savoye |
Subject: |
Re: [Gnash-dev] default load policy in gnashrc |
Date: |
Mon, 20 Nov 2006 07:43:28 -0700 |
User-agent: |
Thunderbird 1.5.0.8 (X11/20061107) |
strk wrote:
> If you *do* have both 'whitelist' and 'blacklist', the
> blacklist won't be used.
Both should get used, in addition to the "localdomain()" value. If a
file that is to be loaded isn't in the whitelist or blacklist, then the
value of localdomain (the only real security setting for Flash) is used
to determine if it should be loaded or not.
For sites in the whitelist, localdomain should be ignored, and the
content loaded anyway. For any sites in the blacklist, that content is
never loaded, regardless of the value of localdomain.
> So, rationale is:
> - use 'whitelist' if you want to DENY by default
> - use 'blacklist' if you want to ACCEPT by default
This is reversed. A Blacklist denys access, and a whitelist allows it.
- rob -
- [Gnash-dev] default load policy in gnashrc, strk, 2006/11/13
- Re: [Gnash-dev] default load policy in gnashrc, strk, 2006/11/20
- Re: [Gnash-dev] default load policy in gnashrc, Tomas Groth, 2006/11/20
- Re: [Gnash-dev] default load policy in gnashrc, strk, 2006/11/20
- Re: [Gnash-dev] default load policy in gnashrc, Tomas Groth, 2006/11/20
- Re: [Gnash-dev] default load policy in gnashrc, strk, 2006/11/20
- Re: [Gnash-dev] default load policy in gnashrc, Rob Savoye, 2006/11/20
- Re: [Gnash-dev] default load policy in gnashrc, strk, 2006/11/20
Re: [Gnash-dev] default load policy in gnashrc,
Rob Savoye <=
Re: [Gnash-dev] default load policy in gnashrc, strk, 2006/11/20
Re: [Gnash-dev] default load policy in gnashrc, Rob Savoye, 2006/11/20
[Gnash-dev] crossdomain policy (was: default load policy in gnashrc), strk, 2006/11/20