Comments on: Abusing the ExternalInterface http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/ Mon, 07 Nov 2011 12:03:53 +0000 hourly 1 http://wordpress.org/?v=3.0 By: a_[w] http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/comment-page-1/#comment-8560 a_[w] Fri, 10 Jun 2011 09:22:04 +0000 http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/#comment-8560 <p>It runs with interval because this action ExternalInterface.call(“function() {document.getElementsByTagName(‘body’)[0].innerHTML += ‘dude’; }”); forces to remove all objects that exists in the body and replaces it with the same content, with "dude" added text to last text node. While executing this script your flash application will be removed and new instance will be placed and it will execute the same code and so on.</p> It runs with interval because this action ExternalInterface.call(“function() {document.getElementsByTagName(‘body’)[0].innerHTML += ‘dude’; }”); forces to remove all objects that exists in the body and replaces it with the same content, with “dude” added text to last text node. While executing this script your flash application will be removed and new instance will be placed and it will execute the same code and so on.

]]> By: Jeremy Daley http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/comment-page-1/#comment-8252 Jeremy Daley Tue, 31 Aug 2010 16:51:34 +0000 http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/#comment-8252 <p>Sorry. Let me clarify that... What I meant was that both ways of using ExternalInterface.call():</p> <p>ExternalInterface.call("function() {document.getElementsByTagName('body')[0].innerHTML += 'dude'; }");</p> <p>and</p> <p>ExternalInterface.call("eval", "document.getElementsByTagName('body')[0].innerHTML += 'dude'; ");</p> <p>...cause the browser to execute multiple times. Perhaps it has something to do with the DOM changing, I'm not sure.</p> Sorry. Let me clarify that… What I meant was that both ways of using ExternalInterface.call():

ExternalInterface.call(“function() {document.getElementsByTagName(‘body’)[0].innerHTML += ‘dude’; }”);

and

ExternalInterface.call(“eval”, “document.getElementsByTagName(‘body’)[0].innerHTML += ‘dude’; “);

…cause the browser to execute multiple times. Perhaps it has something to do with the DOM changing, I’m not sure.

]]> By: Jeremy Daley http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/comment-page-1/#comment-8251 Jeremy Daley Tue, 31 Aug 2010 16:46:18 +0000 http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/#comment-8251 <p>I like this article.</p> <p>Trying eval() on some JS like this though seems to run multiple times: document.getElementsByTagName('body')[0].innerHTML += 'dude';</p> <p>I can't figure out why. It's like it runs on an interval or something.</p> I like this article.

Trying eval() on some JS like this though seems to run multiple times: document.getElementsByTagName(‘body’)[0].innerHTML += ‘dude’;

I can’t figure out why. It’s like it runs on an interval or something.

]]> By: Dasa http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/comment-page-1/#comment-7257 Dasa Thu, 14 Aug 2008 21:03:13 +0000 http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/#comment-7257 <p>I found another way to make the call: var o : Object = ExternalInterface.call("eval", '(' + jsonS + ')');</p> <p>In my tests with a 12 KB json string, it's faster in Safari 3.1, but slower in IE 6, than using the as3corelib.</p> I found another way to make the call: var o : Object = ExternalInterface.call(“eval”, ‘(‘ + jsonS + ‘)’);

In my tests with a 12 KB json string, it’s faster in Safari 3.1, but slower in IE 6, than using the as3corelib.

]]> By: Theo http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/comment-page-1/#comment-5553 Theo Tue, 12 Feb 2008 07:34:17 +0000 http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/#comment-5553 <p>Yes, this was not a serious proposition, as you can see here: http://blog.iconara.net/2007/02/03/parsing-json-using-externalinterface-follow-up/</p> Yes, this was not a serious proposition, as you can see here: http://blog.iconara.net/2007/02/03/parsing-json-using-externalinterface-follow-up/

]]> By: Ed McManus http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/comment-page-1/#comment-5542 Ed McManus Tue, 12 Feb 2008 00:37:59 +0000 http://blog.iconara.net/2007/01/20/abusing-the-externalinterface/#comment-5542 <p>I'd be cautious of using External Interface to parse JSON strings. Complex objects tend to get mangled during Flash's AMF XML serialization/deserialization process. This is most evident with plug-in versions 9,0,28 and earlier.</p> <p>Your best bet is to use Flash's core library to parse JSON strings. It requires some additional overhead, but not enough to get hung up on.</p> I’d be cautious of using External Interface to parse JSON strings. Complex objects tend to get mangled during Flash’s AMF XML serialization/deserialization process. This is most evident with plug-in versions 9,0,28 and earlier.

Your best bet is to use Flash’s core library to parse JSON strings. It requires some additional overhead, but not enough to get hung up on.

]]>