kottke.org

...is a weblog about the liberal arts 2.0 edited by Jason Kottke since March 1998 (archives). You can read about me and kottke.org here. If you've got questions, concerns, or interesting links, send them along.

With AJAX MAssive Storage System (AMASS) a

With AJAX MAssive Storage System (AMASS) a web page can store large amounts of data on a computer using hidden Flash applets. Brilliant hack, but seems like a potential security concern (an AMASS-like app could just fill up a hard drive without prompting, no?). I just looked at this briefly...would this allow one to run something like GMail offline? (I'm thinking not.) (via waxy)

By Jason Kottke    Oct 20, 2005 at 02:13 pm    Ajax   Flash   Gmail   Javascript   security   web development

There are 8 reader comments

Jordan    Oct 20 2005    2:30PM

By default Flash will only store 100kb for any given Flash movie; if one tries to exceed 100kb, Flash prompts the user to ask if they'll allow it to store more.

jkottke    Oct 20 2005    3:00PM

Ah, ok...it's Flash doing the prompting then, and not AMASS.

Brad Neuberg    Oct 20 2005    3:41PM

I'm the AMASS lead developer; Jordan is right. Flash prompts, which AMASS detects, making an HTML DIV that appears above the HTML content, containing the Flash file so it just contains Flash's "Do you approve or disapprove of this storage?" dialog.

AMASS is one of the necessary pieces for offline use, but it's not enough. I'd like to crack that nut; figure out a way to have offline use in existing browsers.

Mike Nowak    Oct 20 2005    3:52PM

I really don't like seeing Shared Objects used for storing data on a client machine. It's already being abused by advertising types. I'd hate to see it abused by developer types.

The major problem with SOs is that they are much more hidden than cookies so it's harder for the less savvy people to clear them or see how they're being tracked.

Go here to see what's on your system:
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Or use this Firefox extension
http://www.yardley.ca/objection/
(I can't vouch for how good it is because I use FlashBlock).

Alexandre    Oct 20 2005    5:22PM

Gmail offline would be awesome. If I could reply to messages without wireless.... well... That would be amazing.

Nels    Oct 21 2005    10:26AM

Indeed, Mike. I don't let Flash put stuff on my local file system. Ever.

Geoff    Oct 21 2005    11:09AM

It might be interesting to come up with a system that uses muliple Flash movies, 100kb in each so you avoid the dialog boxes asking for more space. Sort of a Shared Object RAID array or something.

But I guess Shared Objects store data based on the URL of the movie, so it would take a dynamic swf generator so the URLs are unique (or is it based off the domain?).

Anyway, might be a cool thing to look into.

Brad Neuberg    Oct 21 2005    6:00PM

The security of SharedObjects is fine; see a new blog post on AMASS at http://codinginparadise.org/weblog/2005/10/amass-update.html

This thread is closed to new comments. Thanks to everyone who responded.

kottke.org, quickly...

The best way to get a sense of what kottke.org is all about is to head to the front page or check out some random entries from the archives. Follow kottke.org via RSS or Twitter.

Want to share your something special with kottke.org's readers? Sponsor the RSS feed for a week!

Looking for work?

See more on the Job Board.

Recommended sites

David Archer    Matthew Paul Thomas    Rebecky    greg.org    jimr(ay)    evhead    panopticist    strange maps    Nivi    Type for you.    Airbag    Ikeepadiary    The Pop!Tech Blog    Eater    tremble.com    Frumination    Personism    NYT Science    Idle Words    The Laboratorium