notboring dev blog

By default file listing is deactivated – for a good reason – and that reason is security so please don’t change the default settings. It’s not required to change the apache settings. You can usually enable the file listing for specific directories using the .htaccess files.

Here an example of how to do it using the shell.

First create a new folder eg named “videos”.

mkdir videos

Switch into the folder

cd videos

and create an .htaccess file

vi .htaccess

The editor “vi” should have started. Press “i” to enter the insert mode, then enter the following line (on an empty new line if you don’t edit an empty file):

Options +Indexes

Press “Esc”, then type “wq” and hit return to save the file and leave the editor.

Done.

Of course you can also use FTP or SCP utilities to get the .htaccess file onto the server instead.

When handling support requests for some of the Market Apps that I developed I sometimes received the question if an app runs on one device or another. Since most of my apps are designed to run with a minimum of resources it’s enough to know if that device runs Flash or not. Until lately searching google provided an answer to the question but then I noticed that Adobe has a list of supported devices published.

Check it out:

http://www.adobe.com/flashplatform/certified_devices/

As several news sources quoted Google had to remove more trojan apps from the Android Market. The trojans were noticed when a developer complained about Google publishing his stole App in the market. Upon analysis they found a new trojan which quickly lead to more findings. Here’s the article:

http://blog.mylookout.com/2011/05/security-alert-droiddreamlight-new-malware-from-the-developers-of-droiddream/

It’s really time that Google starts to work on the quality of their approval process. While everybody is happy that Google is not censoring as much as Apple, there’s no reason why Google doesn’t even automatically scan software for illegal copies or trojan related code but still takes 30% of every app.

There’s an interessting security related posting that doesn’t just explain how fake Angry Bird levels have been using to install further apps with full system rights – it also explains how the market processes look like:

http://blog.duosecurity.com/2011/05/when-angry-birds-attack-android-edition/

Lodsys is suing developers using the App Store In-App purchase function:

http://www.macrumors.com/2011/05/13/lodsys-threatens-to-sue-app-store-developers-over-purchase-links/

Update: Apple states that they licensed the patents in question: http://www.9to5mac.com/68561/apple-makes-statement-on-lodsys-patent-claims-says-developers-are-covered-under-its-license/

Update 2: Lodsys doesn’t agree on Apples statement as they posted on their company blog: http://www.lodsys.com/blog.html

A simple way to avoid caching of static files that get replaced sometimes is by appending a ?r=randomNumber to the filename. For webservers everything behind the ? are dynamic parameters using the format variable1=value1&variable2=value2… and so on. As long as you don’t handle those parameters in your scripts they get ignored by the server. The browser on the other hand thinks that the parameter changes the content thus asks for the new data from the server instead of grabbing existing content from the cache.

var filename:String="somefile.xml?r="+(Math.random()*99999999999);

While this works online it won’t work when you test locally inside the Flash IDE. Why? Simple. The file system is not a webserver thus interpretes the parameters as part of the filename. Since we don’t want this to happen when testing in the IDE and it’s prone to cause errors on the long run if you out comment that line during tests you need to find a way to only add the random parameter when not testing locally. Here’s the way to do it:

var filename:String="somefile.xml";
if(root.loaderInfo.loaderURL.substr(0,5)!="file:"){
	xmlFile+="?"+(Math.random()*99999999999);
}

In Actionscript 2 you had _root._url and in Actionscript 3 you got “root.loaderInfo.loaderURL” where root of course needs to be available in the local context, eg if you run the script on the time line or in an instance of the MovieClip class. “root.loaderInfo.loaderURL” contains the URL where the SWF file has been loaded from. In case of local testing this is something like “file:///d:/testfolder/test.swf” and in case of the file being online it’s something like “http://notboring.org/test.swf”. Thus you only need to check for the first characters of the URL and you know if you execute the file locally or from a HTTP server.

It looks like the new extended Apple AppStore purchasing policy killed the first iPad publisher:

http://moconews.net/article/419-iflowreader-latest-app-to-shut-up-shop-blames-apples-iap-agency-models/

Steven Job said that Flash is too slow for the iOs platform, then claiming HTML 5 would be the better solution. To see how great HTML5 works on the iPad, watch this:

Seems Mr. Jobs didn’t knew what he was talking about.

The same demos on Android:

Martin Adamek, the author of apddroid, a tool that allows you to quickly change the apn on android devices, got his app removed from the Android Market by Google.

How? He added Push Ads from AirPush which sends an Ad once a day to the phone owner – using push messages that don’t seem to come from any specific app on first view.

Of course this is highly annoying for the users, they get alerts on their mobile devices that look like they might be important but then find out it’s an advertisment. Since this frustrated users, the app got reported to Google who then took it out of the Market.

Read the authors blog posting on his side of the story:

http://www.martinadamek.com/2011/04/28/apndroid-is-suspended-on-the-android-market/

Running Adobe Media Encoder on a system with a virus scanner, AME might not delete its cache/work files. Those files can be several gigabytes of size.

To delete those cache files go to:

[users folder]\[your profile]\AppData\Roaming\Adobe\Common

There you’ll find a folder “Media Cache Files”, delete everything inside. Make sure AME is closed when you do so. In some cases you also need to disable the virus scanner first.