This content has been marked as final. Show 5 replies
AS2 also allowed you to add custom request headers, but not modify certain headers (modifying would include 'removing'). And for POST requests only.
This appears consistent:
Flash uses the browser connection when it runs in the browser, so I don't really know but I think it may also be dependent on the browser... I presume that's part of the reason, the other part is possibly related to security, I guess. Also, I don't understand what the harm of leaving it is. Out of curiosity, under what circumstances would it be essential to remove the Referer header from flash requests? I've only ever added custom headers to my flash POST requests sometimes, for various reasons.
some websites, when given a referrer, which is anything but their own, refuse to provide the requested HTTP content. when i manually enter URLs into firefox, it does not send a referrer whatsoever, and everything is totally fine.
flash on the other hand feels the need to forcefully provide a referer, so it is impossible for my application to work appropriately for some websites. really, i think this "security" measure is completely ridiculous.
Thanks for explaining.
I don't claim to know the official reason for it. I assumed it was for security though. You might need to contact Adobe if you want an official reason.
true, i thought Adobe officials posted in here and responded to questions
It's possible... but quite rare for an Adobe employee to post, I think. Its mostly 'user-to-user discussion' as mentioned below.