Configuring Flash for Cross-Domain Access

By default, the OBS system is configured to support cross-domain access using the root domain name. This allows access from all domains, and clients are likely to be attacked.

To address this issue, you can create a crossdomain.xml file with specific rules in the bucket for each client, and add Security.loadPolicyFile("") in the flash code of the file to prevent attacks.