Tag Archives: http

Job Opening: Flash Platform Developer

We are looking for some smart Flash Platform Developers who can be part of our team in Allies Interactive Services Pvt. Ltd., Kanpur, U.P.

We are a design and development company in Kanpur, though we are small but we are ambitious and have a great vision.

I posted the details on Flex-India sometimes back, pasting the same (edited the typos and formatted) over here:-

I have been meaning to post this for sometime but thought would it be appropriate to do that here?

I am part of a small design and development shop in Kanpur, U.P. Where, we mostly do web development using FOSS, mainly LAMP.

I moved to kanpur around 10 months back with a desire to build a great Flash Platform Team that would work on non-trivial type service projects and some great product ideas.

I could now start doing it, after we have managed to fix a lot of issues mostly a nice office, a good culture and some projects and a product in pipeline.

I need an experienced Flash Platform developer in my team, who can help us to make our vision, desire and dreams a reality.

Since Kanpur is not a metro or fancy place to live, it takes more than just technical aptitude to be here. That is some more strong reason f.ex. A desire to be part of a growing team, desire to be close to family, desire to contribute in the development of IT ecosystem in North and/or a desire to prove, hell yeah we can do great stuff from anywhere, even cities like Kanpur :-)

If you think, you want to help me by being part of my team and understand what I meant above, please don’t hesitate to contact me on [abdul dot qabiz at gmail dot com] off-list i.e. Direct email to me, please don’t reply here on this list.

As far as job description goes, I have already given an idea. However, we are looking for someone who understands web very well that is HTTP and other standards. Fundamentally good at problem solving, the real world ones, ActionScript, Flex Framework, Adobe Flash Player and AIR fundamentals and APIs.

Of course, good experience that says about in your behalf. We would also talk to you so things would get clear, i.e. If we are match for each other.

If you want to know more about company, please check out http://www.alliesinteractive.com

Adobe Flash Player 9.0.115.0 onwards allows setting Authorization HTTP header

There were some issues with some earlier version of players, where it was not possible to set Authorization http-header for HTTP/GET requests. I tried to hack a way to do it using Socket or custom http-client in actionscript.

I just happened to read one of the technotes at Adobe’s site, which says Authorization header is allowed for Flash Player 9.0.115.0 onwards. If you are trying to send request to another domain (different from the one hosting the SWF), a crossdomain-policy file is required.

Adobe Flash Player’s Security-Sandbox is very restrictive

Adobe Flash Player Security-Sandbox is very good and we have not heard any major security vulnerabilities so far. However, I think, it can be made more intelligent, I have some use-cases where I can’t do anything.

XMLSocket API is cool, since it’s inception, developers could create cool applications (multi-player games, chat-apps, presence-apps etc). XMLSocket servers (unity, swocket etc) is needed to comply with a specification in order to work with Flash Player (as a client). Since developers are using/creating custom-servers, they could control various things on server-side, f.ex: configuring right security-permissions, serving right policy-file (crossdomain.xml) etc.

With Binary Socket API, in Adobe Flash runtimes, things have changed a lot. Applications (for Adobe Flash runtimes) can now connect to servers using standard protocols (POP3, SMTP, Databases, HTTP etc). Totally cool feature which allows creation of kick-ass applications (Yahoo! Web Messenger, mySql driver etc). But Adobe Flash Player’s security-sandbox is limiting Binary Socket’s capabilities.

I have been working on a library (as3httpclient) to do more things (http-status-messages, http-authentication over GET request, support for more http-methods etc) which are not supported by URLLoader API. This library (as3httpclient) doesn’t work in deployed web-application because Adobe Flash Player’s Security-Sandbox restricts it to.

I have following questions/concerns:-

  • When URLLoader (or other such native APIs) can connect on any port, why can’t custom APIs (as3httpclient and others) connect?
  • Why can’t Flash Player be little more intelligent to check, if connection is made to a HTTP server? Rules could be:- If connection is requested to same domain and destination-port is assigned to HTTP server, let communication happen. If destination server:port is in different domain, check for valid crossdomain.xml and allow the connection?
  • Why doesn’t Flash Player consider to-ports attributes, if policy-file is served over HTTP?

With standards, we expect flexibility. We can’t expect a HTTP server to push policy-file to Flash clients? That’s not standard.

Technorati tags: , , , ,

HTTP Authentication for HTTP/GET requests using ActionScript 3

I am working on ActionScript3 API for Bloglines services, which requires HTTP Authentication for its two of the services. I was not able to set the header of a HTTP/GET request. Macromedia Flash Player allows you set the header only for POST requests. I discussed this issues with Ted Patrick and he told me how I can us Socket to achieve the desired and he was very kind to give a me code-snippet, which got me started. Thanks Ted.

Finally, I could implement a class(HTTPURLLoader) which allows me to:

  • Add request-headers
  • Do HTTP Authentication for GET URLs
  • Handle HTTP status messages
  • Read the complete response header

It basically connects to a HTTP server on port 80(hardcoded for now) and sends an HTTP/1.0 request so that server closes the connection immediately after response. I could use HTTP/1.1 to keep connection alive and do things. But then closing connection would require some more logic, either a timeout logic if there is no activity on socket then close the connection, or find the end delimiter of response and then close. So I chose the easiest approach :)

I am still working on it and there is a lot(bugs-fixing, optimization, code-commenting, removing hardcoded stuff etc) to be done. I just wanted to share whatever I have done so far. I think, idea is more important than the implementation.
Anyways, I also implemented Base64 in AS3 and also OPML parser for Bloglines. I would soon upload the entire Bloglines AS3 API source.

Download the code:

Usage:-

<mx:Application xmlns:mx="http://www.macromedia.com/2005/mxml" creationComplete="onAppInit()">
<mx:Script>
import flash.net.URLRequest;
import flash.net.URLRequestHeader;
import com.abdulqabiz.net.HTTPURLLoader;
import com.abdulqabiz.crypto.Base64;
private var loader:HTTPURLLoader;
private var END_POINT:String = "http://rpc.bloglines.com/";
//you need to set your email/password required for Bloglines access.
private var email:String = "YOUR_EMAIL_FOR_BLOGLINES";
private var password:String = "YOUR_BLOGLINES_PASSWORD";
private function onAppInit()
{
loader = new HTTPURLLoader();
loader.addEventListener("complete", onComplete);
loader.addEventListener("httpStatus", onHTTPStatus);
loader.addEventListener("progress", onProgress);
//for simplicity,not handling following three events.
//loader.addEventListener("close", onClose);
//loader.addEventListener("ioError", onIOError);
//loader.addEventListener("securityError",onSecurityError);
}
private function onComplete(event:Event)
{
//headers stroed as name-value(hash map)
var rh:Object = HTTPURLLoader(event.target).responseHeaders;
var str:String = "";
for(var p:String in rh)    str+= p + ":" + rh[p] + "\n";
console.text+="Response Headers: \n" + str + "\n\n";
//data property holds the content
console.text+="Body Content:\n" + HTTPURLLoader(event.target).data + "\n\n";
}
private function onProgress(event:ProgressEvent)
{
//bytesTotal is not accurate, and its 0 if server doesn't send Content-Length header.
console.text+= "Event: progress:-\n" + "bytesLoaded: " + event.bytesLoaded + "\n\n";
}
private function onHTTPStatus(event:HTTPStatusEvent)
{
//if httpStatus is 401, 403, 404, 500, 501, socket is closed.
console.text+= "Event: httpStatus (" + event.status + ")\n\n";
}
private function loadURL()
{
var request:URLRequest = new URLRequest();
//call listsubs method of Bloglines
request.url = END_POINT + "listsubs";
var credentials:String = Base64.encode(email + ":" + password);
//create HTTP Auth request header
var authHeader:URLRequestHeader = new URLRequestHeader("Authorization","Basic " + credentials);
//add the header to request
request.requestHeaders.push(authHeader);
//make the request.
loader.load(request);
}
</mx:Script>
<mx:Button label="Load URL" click="loadURL()"/>
<mx:TextArea id="console" width="100%" height="100%"/>
</mx:Application>