Adobe Flash Player onwards allows setting Authorization HTTP header

There were some issues with some earlier version of players, where it was not possible to set Authorization http-header for HTTP/GET requests. I tried to hack a way to do it using Socket or custom http-client in actionscript.

I just happened to read one of the technotes at Adobe’s site, which says Authorization header is allowed for Flash Player onwards. If you are trying to send request to another domain (different from the one hosting the SWF), a crossdomain-policy file is required.