Poking new holes with Flash Crossdomain Policy File. This is an old article from 2006 which describes the crossdomain.xml hidden in a GIF exploit I referred to in an earlier post (scroll down to the appendix for an example). As far as I know the Flash Player’s crossdomain.xml parser has been tightened up since.
Recent articles
- What happens if AI labs train for pelicans riding bicycles? - 13th November 2025
- Reverse engineering Codex CLI to get GPT-5-Codex-Mini to draw me a pelican - 9th November 2025
- Video + notes on upgrading a Datasette plugin for the latest 1.0 alpha, with help from uv and OpenAI Codex CLI - 6th November 2025