<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
        {font-family:SimSun;
        panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:"\@SimSun";
        panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p
        {mso-style-priority:99;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxmsonormal, li.ecxmsonormal, div.ecxmsonormal
        {mso-style-name:ecxmsonormal;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxecxmsonormal, li.ecxecxmsonormal, div.ecxecxmsonormal
        {mso-style-name:ecxecxmsonormal;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxecxmsochpdefault, li.ecxecxmsochpdefault, div.ecxecxmsochpdefault
        {mso-style-name:ecxecxmsochpdefault;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxecxmsonormal1, li.ecxecxmsonormal1, div.ecxecxmsonormal1
        {mso-style-name:ecxecxmsonormal1;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxecxmsochpdefault1, li.ecxecxmsochpdefault1, div.ecxecxmsochpdefault1
        {mso-style-name:ecxecxmsochpdefault1;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxmsochpdefault, li.ecxmsochpdefault, div.ecxmsochpdefault
        {mso-style-name:ecxmsochpdefault;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.ecxmsohyperlink
        {mso-style-name:ecxmsohyperlink;}
span.ecxmsohyperlinkfollowed
        {mso-style-name:ecxmsohyperlinkfollowed;}
span.ecxecxmsohyperlink1
        {mso-style-name:ecxecxmsohyperlink1;}
span.ecxecxmsohyperlinkfollowed1
        {mso-style-name:ecxecxmsohyperlinkfollowed1;}
span.ecxecxemailstyle181
        {mso-style-name:ecxecxemailstyle181;}
span.ecxemailstyle28
        {mso-style-name:ecxemailstyle28;}
p.ecxmsonormal1, li.ecxmsonormal1, div.ecxmsonormal1
        {mso-style-name:ecxmsonormal1;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        margin-bottom:0cm;
        margin-left:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.ecxmsohyperlink1
        {mso-style-name:ecxmsohyperlink1;
        color:blue;
        text-decoration:underline;}
span.ecxmsohyperlinkfollowed1
        {mso-style-name:ecxmsohyperlinkfollowed1;
        color:purple;
        text-decoration:underline;}
p.ecxecxmsonormal2, li.ecxecxmsonormal2, div.ecxecxmsonormal2
        {mso-style-name:ecxecxmsonormal2;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxecxmsochpdefault2, li.ecxecxmsochpdefault2, div.ecxecxmsochpdefault2
        {mso-style-name:ecxecxmsochpdefault2;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.ecxecxmsonormal11, li.ecxecxmsonormal11, div.ecxecxmsonormal11
        {mso-style-name:ecxecxmsonormal11;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        margin-bottom:0cm;
        margin-left:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.ecxecxmsohyperlink11
        {mso-style-name:ecxecxmsohyperlink11;
        color:blue;
        text-decoration:underline;}
span.ecxecxmsohyperlinkfollowed11
        {mso-style-name:ecxecxmsohyperlinkfollowed11;
        color:purple;
        text-decoration:underline;}
span.ecxecxemailstyle1811
        {mso-style-name:ecxecxemailstyle1811;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
p.ecxecxmsochpdefault11, li.ecxecxmsochpdefault11, div.ecxecxmsochpdefault11
        {mso-style-name:ecxecxmsochpdefault11;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:10.0pt;
        font-family:"Times New Roman","serif";}
span.ecxemailstyle281
        {mso-style-name:ecxemailstyle281;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
p.ecxmsochpdefault1, li.ecxmsochpdefault1, div.ecxmsochpdefault1
        {mso-style-name:ecxmsochpdefault1;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:10.0pt;
        font-family:"Times New Roman","serif";}
span.EmailStyle42
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
        {page:WordSection1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-GB link=blue vlink=purple>
<div class=WordSection1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Check with fiddler?<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal style='margin-left:36.0pt'><b><span lang=EN-US
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
xerte-bounces@lists.nottingham.ac.uk
[mailto:xerte-bounces@lists.nottingham.ac.uk] <b>On Behalf Of </b>Dave Burnett<br>
<b>Sent:</b> 13 October 2010 16:46<br>
<b>To:</b> Xerte list<br>
<b>Subject:</b> RE: [Xerte] Xerte and Flash security<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal style='margin-left:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:
12.0pt;margin-left:36.0pt'><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>
"ctrls.sendAndLoad(myReq, 'http://www.myserver.com/dave/some.xml'); //
just sits at event trap"<br>
<br>
<br>
<br>
<o:p></o:p></span></p>
<div class=MsoNormal align=center style='margin-left:36.0pt;text-align:center'><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
<hr size=2 width="100%" align=center id=stopSpelling>
</span></div>
<p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:
12.0pt;margin-left:36.0pt'><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:
Patrick.Lockley@nottingham.ac.uk<br>
To: xerte@lists.nottingham.ac.uk<br>
Date: Wed, 13 Oct 2010 16:41:49 +0100<br>
Subject: RE: [Xerte] Xerte and Flash security<o:p></o:p></span></p>
<div>
<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Using the full domain in the
http:// request?</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'> </span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
<div>
<div style='border:none;border-top:solid windowtext 1.0pt;padding:3.0pt 0cm 0cm 0cm;
border-color:-moz-use-text-color -moz-use-text-color'>
<p class=MsoNormal style='margin-left:72.0pt'><b><span lang=EN-US
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
xerte-bounces@lists.nottingham.ac.uk
[mailto:xerte-bounces@lists.nottingham.ac.uk] <b>On Behalf Of </b>Dave Burnett<br>
<b>Sent:</b> 13 October 2010 16:39<br>
<b>To:</b> Xerte list<br>
<b>Subject:</b> RE: [Xerte] Xerte and Flash security</span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal style='margin-left:72.0pt'><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'> <o:p></o:p></span></p>
<p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:
12.0pt;margin-left:72.0pt'><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>
Only works on domains I think.<br>
Never seen a local file system specified in one.<br>
<br>
<o:p></o:p></span></p>
<div style='margin-left:36.0pt'>
<div class=MsoNormal align=center style='margin-left:36.0pt;text-align:center'><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
<hr size=2 width="100%" align=center>
</span></div>
</div>
<p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:
12.0pt;margin-left:72.0pt'><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:
Patrick.Lockley@nottingham.ac.uk<br>
To: xerte@lists.nottingham.ac.uk<br>
Date: Wed, 13 Oct 2010 16:32:23 +0100<br>
Subject: RE: [Xerte] Xerte and Flash security<o:p></o:p></span></p>
<div>
<p class=MsoNormal style='margin-left:72.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Crossdomain?</span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
<p class=MsoNormal style='margin-left:72.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'> </span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
<p class=MsoNormal style='margin-left:72.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'> </span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
<div>
<div style='border:none;border-top:solid windowtext 1.0pt;padding:3.0pt 0cm 0cm 0cm;
border-color:-moz-use-text-color'>
<p class=MsoNormal style='margin-left:108.0pt'><b><span lang=EN-US
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
xerte-bounces@lists.nottingham.ac.uk
[mailto:xerte-bounces@lists.nottingham.ac.uk] <b>On Behalf Of </b>Dave Burnett<br>
<b>Sent:</b> 13 October 2010 16:32<br>
<b>To:</b> Xerte list<br>
<b>Subject:</b> [Xerte] Xerte and Flash security</span><span style='font-size:
10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal style='margin-left:108.0pt'><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'> <o:p></o:p></span></p>
<p class=MsoNormal style='margin-left:108.0pt'><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'><br>
If while I am developing a bit and I want to load some XML from my server,
what's the trick?<br>
<br>
ctrls.sendAndLoad(myReq, FileLocation + 'some.xml'); //trips onLoad event<br>
<br>
ctrls.sendAndLoad(myReq, 'http://www.myserver.com/dave/some.xml'); // just sits
at event trap<br>
<br>
Dave<o:p></o:p></span></p>
</div>
<p class=MsoNormal style='margin-left:72.0pt'><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'><br>
This message and any attachment are intended solely for the addressee and may
contain confidential information. If you have received this message in error,
please send it back to me, and immediately delete it. Please do not use, copy
or disclose the information contained in this message or in any attachment. Any
views or opinions expressed by the author of this email do not necessarily
reflect the views of the University of Nottingham. <br>
This message has been checked for viruses but the contents of an attachment may
still contain software viruses which could damage your computer system: you are
advised to perform your own checks. Email communications with the University of
Nottingham may be monitored as permitted by UK legislation. <br>
<br>
_______________________________________________ Xerte mailing list
Xerte@lists.nottingham.ac.uk
http://lists.nottingham.ac.uk/mailman/listinfo/xerte This message and any
attachment are intended solely for the addressee and may contain confidential
information. If you have received this message in error, please send it back to
me, and immediately delete it. Please do not use, copy or disclose the
information contained in this message or in any attachment. Any views or
opinions expressed by the author of this email do not necessarily reflect the
views of the University of Nottingham. This message has been checked for
viruses but the contents of an attachment may still contain software viruses
which could damage your computer system: you are advised to perform your own
checks. Email communications with the University of Nottingham may be monitored
as permitted by UK legislation. <o:p></o:p></span></p>
</div>
<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'><br>
_______________________________________________ Xerte mailing list
Xerte@lists.nottingham.ac.uk http://lists.nottingham.ac.uk/mailman/listinfo/xerte
This message and any attachment are intended solely for the addressee and may
contain confidential information. If you have received this message in error,
please send it back to me, and immediately delete it. Please do not use, copy
or disclose the information contained in this message or in any attachment. Any
views or opinions expressed by the author of this email do not necessarily
reflect the views of the University of Nottingham. This message has been
checked for viruses but the contents of an attachment may still contain
software viruses which could damage your computer system: you are advised to
perform your own checks. Email communications with the University of Nottingham
may be monitored as permitted by UK legislation. <o:p></o:p></span></p>
</div>
</body>
</html>