Comments on: ExternalInterface bug can mangle data from JavaScript https://joshblog.net/2007/12/16/flash-player-9-external-interface-bug/ Archive of older blog posts written by Josh Tynjala about Flash, Flex, and ActionScript Wed, 26 Jun 2013 02:52:46 +0000 hourly 1 https://wordpress.org/?v=4.9.9 By: Marlin https://joshblog.net/2007/12/16/flash-player-9-external-interface-bug/#comment-1546 Mon, 02 Mar 2009 22:08:43 +0000 http://www.zeuslabs.us/2007/12/16/flash-player-9-external-interface-bug/#comment-1546 I realize this is more than two years old, but this blog is also indexed by Google and no doubt comes up from time to time.

The bug you have noted where <![CDATA[ is not handled correctly has been described by Brad Newberg here:

http://codinginparadise.org/weblog/2006/02/how-to-speed-up-flash-8s.html

Here is Brad’s explanation:
I found all of the JavaScript serialization methods in the Flash player (and they are in JavaScript) by using the Microsoft Debugger (they all live on window.parent; you’ll see them appear a few seconds after the Flash player loads). These methods handle all of the serialization and deserialization and all begin with the name __flash__. It turns out that they ARE using XML internally, and did not implement a real XML parser on the C++/Flash side which can correctly handle CDATA sections. They are also doing evals(), which is one of the reasons it is slow.

]]> By: caryl https://joshblog.net/2007/12/16/flash-player-9-external-interface-bug/#comment-1545 Fri, 12 Sep 2008 19:08:29 +0000 http://www.zeuslabs.us/2007/12/16/flash-player-9-external-interface-bug/#comment-1545 Good 235rter2rwer23r

]]>