Started working on a new extremely cool project this weekend. Actually I started evaluating it already a few weeks ago, but haven't had time to really code anything before now. It's an open-source project. While I've participated in fixing bugs and doing some minor things for numerous open-source projects in the past, this is the first one I'm planning to do major development work myself. I'm convinced that open-source and Sourceforge like model produces superior quality of code compared to commercial programming models in the long run. It seems that in this particular project lots of good and right design decisions have already been made. Every participant seem to enjoy using state-of-the art tools and best-practices of o-o and making elegant, simple designs to not only achieve the objective but to achieve the objective in the best possible way and style.
When you care enough about programming to compare the implemented solutions to other choices available and try to find the optimal, elegant solutions beautiful in their simpilicity, rather than "just making the damn stuff work", coding suddenly becomes more of a form or art than a mechanical work exercise. I really enjoy working in this kind of environment and with people whose skills I highly respect. To me, it's a wonderful experience that I've actually lacked and missed in the past years of my professional work. It's also sort of "back to the roots" thing for me since I haven't written anything major in Java for a while.
Especially nice is to work with the latest Java SDK and plans to move to 1.5 Tiger as soon as it becomes available without having to worry about backwards compatibility and being frustrated with missing features of some older SDK, as so many times in commercial projects. Being a geek I am, Tiger release is the next big thing to wait for after the release of Opteron and Athon64, which in my (diversed techology interests) books, were pretty big things.
Sorry I can't be more exact on the project yet since I have a bit bigger plans for this one. I seriously consider and hope to make a living with this sometime in the future though it might take a while to reach that point.
After warming up with a few random thoughts, let's get to the real business.
Say you wanted to store persistent data and share it between Flash movies from different domains. That's not possibly because of the Flash security sand box for Shared Objects, right? Not quite. I just happened to come across this when a half a year ago I was trying to solve this issue for an application that needed to work both in online and locally in offline modes. The problem is that while the application is really the same, it cannot use the same shared object because it's running in two different domains (localhost for offline and your server for online mode).
I tried a couple of things to go around this problem, like trying to change the _url property of the movie, but while it's possible to change it, it still doesn't change the persistent shared object location for that movie.
You can also try to load the cached version of the movieclip to go around the problem, but naturally it only works if there is a cached version and often you can't guarantee that.
So I kept testing and finally found a viable solution. The trick is to use a local (persistent) version of a remote shared object. Normally, your offline movie is still limited to access to localhost domain and Flash doesn't allow you to use "/.." as a URI. You are allowed to use a parent directory (..), but not multiple sub-sequent ones in your URI. However, looks like MM engineers missed one check, since you can specify "./.." as the URI and thus be able to access the root directory of the shared object data folder, eg. C:\Documents and Settings\yourUserAccount\Application Data\Macromedia\Flash Player.
Test this:
test_so = SharedObject.getRemote("FCTest", "rtmp:/./..", "/");
test_so.data.value1 = "test1";
trace("test_so " + test_so.data.value1);
And do not try to connect the shared object. Then find out where the player created the file FCTest.sor.
It's certainly a security hole or at least unintended behaviour, though I can't immediately figure out how you could exploit this for harmful purposes. I've tested it both with the stand-alone Flash player and through a browser, and you could happily read and write to the shared object. I also just tested that with the new player (7.0.14) and it still works. Generally, it seems that a locally persistent version of a Remote Shared Object is implemented exactly like a Local Shared Object.
A couple of notes: "rtmp:/" has to be specified in the URI, otherwise it
won't work. It'll write the shared object to the "Flash Player" folder,
which is the parent directory of the domain directories. The last parameter,
"/", has to be specified to make the shared object locally persistent. Since this is a fairly harmless bug, it's unlikely that Macromedia will fix this if no one will tell them, and I doubt that. It's in any case useful for some purposes, so let's just keep it as our little secret :)
And btw, since this is my first Flash post, I just like to state that I'm not a fan of Flash and I don't like too much programming in it. It's just something I've needed to do for awhile. While I've always been saying that the language you are programming in does not really matter, after many years of programming in Java, Delphi and Smalltalk, Flash is just unbelievably frustrating at times :( Though good thing it's not as bad as VB/script.
(Took quite some time for the DNS entry to propagate. Finally it resolves, another wohoo!)
First of all, I'll tell you I have zero aptitude for exhibitionism. I don't think anyone is interested in when I washed my laundry, ate, took a shit etc. Why would I even want to tell the whole world about the same things everybody else do as well? While I have nothing to hide, I have no desire to become famous either. Thus, my identity and what I do in real life (yes I still try to think I have a life :) is not relevant. If somebody really wants to track me down, go knock yourself out, it's not hard at all.
I founded the site solely for giving myself a way to express my thoughts. While I've always had strong opinions on things I believe I know well, I've often kept them to myself. After all, how the hell should I know anything better than somebody else? However, over the years, I've started thinking that hey, maybe I do have something to say. Maybe it does matter what people say. Maybe it isn't so bad to let everybody else know your opinion, even if it's wrong. Can an opinion be wrong?
I'm always curious about anything new, fascinated by gadgets, cool toys, how things work and technology in general. However, I find little purpose for equipment that don't do anything practical. My profession is in software. As such, the topics I'm posting about are most likely programming, techology and science related, with occasional ponderings of crazy phenomena in modern society. Who'll be the lucky Darwin award winner the next year? The cool thing about blogs is that I don't have to limit myself to certain topic. I'll just post the greatest thoughts I've had (and believe me I'm not going to post all of them) and hope that they'll be useful and entertaining for others, or at least provoke somebody else something to think about and to comment on.
Wohoo. I just went live with my web site - which has been almost 10 years in making or rather in planning. Will post justifications why this site should exist in the near days once the domain name resolves correctly.