Server side Flash Detection
It would be useful if it worked reliably. According to the Flash 6 release notes "The player installation process now configures the browser to add the Flash MIME-type (application/x-shockwave-flash) to the HTTP Accept header. This enables server-side Flash Player detection." This worked fine on Internet Explorer on Windows, but with Netscape 7.02 using the flash player that comes with it, it doesn't add the header.
Here's some ColdFusion code to test this out:
<cfdump var="#GetHTTPRequestData()#"> <cfset req = GetHttpRequestData()> <cfif req.headers.accept contains "application/x-shockwave-flash"> You have Flash 6 or above. </cfif>
Additionally the HTTP accept header sent by IE when you reload the page is just "*/*", causing potential problems even if the header was present on all browsers.
Server side flash validation would be very useful, especially for remoting apps where Flash 6 is requeired anyways. It would have been a clean way to perhaps display a HTML version of the application.
I will test this out some more next week (I'm curious how it will work on Linux) when we get back to the states.
Like this? Follow me ↯Tweet Follow @pfreitag
Server side Flash Detection was first published on April 15, 2003.
The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.