This content has been marked as final. Show 3 replies
Even if you scramble the URL in SWF it will be visible to any sniffer, firewall etc. So for really interested ones you can't hide it.
thanks for your answer, i'll try to just encrypt my data
Keep in mind that in general, any data processed on the client is 'unsafe' by its very nature. The only place to safely process data that you wish hide is on the server which you control.
You can obviously make it harder, but as warez cracks etc. point out, if it runs on the client, it can be cracked, decompiled, debugged, etc. In general the goal should be to store and process any data that shouldn't be visible to the client on the server side only, and to use encryption to prevent man-in-the-middle manipulation of the data.
You can however pass data to a client that isn't secret, but you can prevent/reduce the chance that the data can be forged. A common (though not foolproof) method is to send the data (say their username or id) to the client along with an md5 or SHA1 hash of the data. Again, the hash validation must be done server side or the client can be attacked to gain the hash seed data.