MD Anonymous almost 14 years ago I hope you are aware that SWF files are a wide-open XSS vector, and don't put anything important in cookies here? This file could just as easily steal everyone's cookies.
MD Anonymous almost 14 years ago Actually, it seems that adding allowScriptAccess="never" to the embed tag closes this particular hole. You probably want to do that.