Source code

Revision control

Other Tools

1
=========================
2
List Based Flash Blocking
3
=========================
4
5
List based Flash blocking currently uses six lists.
6
The lists specify what domains/subdomains Flash is allowed to or denied from loading on.
7
The domains specified by the lists indicate the domain of the document that the Flash is loaded in, not the domain hosting the Flash content itself.
8
9
* Allow List
10
* Allow Exceptions List
11
* Deny List
12
* Deny Exceptions List
13
* Sub-Document Deny List
14
* Sub-Document Deny Exceptions List
15
16
If a page is on a list and the corresponding "Exceptions List", it is treated as though it is not on that list.
17
18
Classification
19
==============
20
21
Documents can be classified as Allow, Deny or Unknown.
22
Documents with an Allow classification may load Flash normally.
23
Documents with a Deny classification may not load Flash at all.
24
A Deny classification overrides an Allow classification.
25
The Unknown classification is the fall-through classification; it essentially just means that the document did not receive an Allow or Deny classification.
26
Documents with an Unknown classification will have Flash set to Click To Activate.
27
28
If the document is at the top level (its address is in the URL bar), then the Deny List is checked first followed by the Allow List to determine its classification.
29
30
If the document is not at the top level, it will receive a Deny classification if the classification of the parent document is Deny or if the document is on the Deny List.
31
It will also receive a Deny classification if the sub-document is not same-origin and the document is on the Sub-Document Deny List.
32
If the document did not receive a Deny classification, it can receive an Allow classification if it is on the Allow List or if the parent document received an Allow classification.
33
34
If for any reason, the document has a null principal, it will receive a Deny classification.
35
Some examples of documents that would have a null principal are:
36
37
* Data URIs <https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs> loaded directly from the URL bar. Data URIs loaded by a page should inherit the loading page's permissions.
38
* URIs that are rendered with the JSON viewer