Comments on: Flex 2 remote objects over SSL http://www.imakewebjunk.com/2007/03/21/flex-2-remote-objects-over-ssl/ Dave Konopka's web development blog Sat, 13 Feb 2010 16:56:50 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Aran http://www.imakewebjunk.com/2007/03/21/flex-2-remote-objects-over-ssl/comment-page-1/#comment-4290 Aran Fri, 06 Nov 2009 03:23:34 +0000 http://www.lifelikeweeds.com/2007/03/21/flex-2-remote-objects-over-ssl/#comment-4290 <p>@Jerome - No. You can definitely deliver your app and content files over http, and make SSL calls to your back end AMF services.</p> <p>It depends on what type of app you are actually building, but I see security issues in delivering your swf over http but doing all your service calls over SSL. All you need to do is ensure your AMF channel endpoint is definitely https based, and you have your certificates all set etc.</p> <p>As a sanity check, you can always use something like Charles or Service capture to ensure all your required service calls are actually https based...</p> @Jerome – No. You can definitely deliver your app and content files over http, and make SSL calls to your back end AMF services.

It depends on what type of app you are actually building, but I see security issues in delivering your swf over http but doing all your service calls over SSL. All you need to do is ensure your AMF channel endpoint is definitely https based, and you have your certificates all set etc.

As a sanity check, you can always use something like Charles or Service capture to ensure all your required service calls are actually https based…

]]> By: Jerome Clarke http://www.imakewebjunk.com/2007/03/21/flex-2-remote-objects-over-ssl/comment-page-1/#comment-173 Jerome Clarke Thu, 22 Mar 2007 11:24:43 +0000 http://www.lifelikeweeds.com/2007/03/21/flex-2-remote-objects-over-ssl/#comment-173 <p>from what I know... if you access your SWF file via HTTPS... you can access HTTP and HTTPS but if you only access it by HTTP... then you can only access HTTP and I think the same applies to others aswell like Socket, FDS and so on</p> <p>I just normally access my SWF files via HTTPS</p> from what I know… if you access your SWF file via HTTPS… you can access HTTP and HTTPS but if you only access it by HTTP… then you can only access HTTP and I think the same applies to others aswell like Socket, FDS and so on

I just normally access my SWF files via HTTPS

]]>