This site is now just an archive over the rise and fall of Flash. The domain is available for sale
Login | Register
flXHR and flensed tools

flXHR and flensed tools

flXHR is a new solution to eliminate cross browser issues by handling the XMLHttpRequests using Flash and then return the result to your favorite JS framework. Flash is omnipresent and it's powerful. Why not tap into the power of Flash - even when you're doing Javascript? That way there's less to download and you can even load data across domains?

Almost everyone has the Flash Player installed. Depending on what statistics you use, more users have Flash than JavaScript enabled. There has been several solutions that use this fact such as Fjax, SWFHttpRequest, FlashXMLHttpRequest and F4A. Now there's a new tool called flXHR that helps with XMLHttpRequests (XHR).

flXHR is an invisible SWF file that is embedded in the HTML page using SWFObject2.1, considered the standard by most Flash developers. This ensure that the page validates and offers very solid detection (and if required also installing) of the Flash Player. flXHR is built not as a replacement to existing Javascript frameworks, but rather a compliment and it's fully XHR compatible making it easy to use with existing code.

The project was started by Kyle Simpson from Getify Solutions Inc, a web development company based in Austin, USA. Existing javascript only solutions has a problem when it comes to making cross-domain calls and this is where flXHR comes in handy. With just a few lines of code, the system can be used with several different Javascript frameworks (Dojo, Prototype, jQuery, etc). After initializing the SWF, all remote calls can be done through the SWF. This solves the cross domain issue and also provides some extras.

According to Kyle, "flXHR implements a number of very helpful extensions to the normal XHR API. flXHR implements a consistent mechanism for timeouts of requests (forward compatible with IE8's XHR).  flXHR also has an error callback mechanism (which none of the XHR's have), so the author can robustly respond to any issues a user's browser may have while using flXHR.  And, flXHR uses another 'flensed' project called CheckPlayer, which does all the dirty work of checking the Flash Player plugin version, initiating auto-updates of the plugin if need-be, and doing the actual dynamic embed of the flXHR.swf asset."

flXHR is also more secure, because it relies on the server administrator providing a server-controlled policy file to allow the access or not. Script-tags and iframe workaround approaches largely happen as anonymous, non-controlled accesses of data.  There's no built in mechanism for authorization, contrary to the security-first Flash uses. flXHR relies on Adobe's mature, solid security model, which I believe provides the most secure (against XSS attacks) solution available out there. There are some limitations to flXHR, but the the advantages should outweigh these in most projects.

Kyle has plans for several other useful projects as well such as flCAPTCHA (a CAPTCHA anti-spam solution), flIMAGE (shows images but prevents rightclick "stealing" of them), flACHEY (for caching of JS libraries) and more. The pages for these are just placeholders, but this is certainly a project to watch for anyone doing web development.

Read more about flXHR and the other tools at


Get new stories first

Click to follow us on Twitter!



No comments for this page.

Submit a comment

Only registered members can comment. Click here to login or here to register