Flash Media Server Developer Documentation

Allow and deny connections from specific domains

If you know the domains from which the legitimate clients will be connecting, you can whitelist those domains. Conversely, you can blacklist known bad domains.

You can enter a static list of the domain names in the Adaptor.xml file. For more information, see Adobe Flash Media Server Configuration and Administration Guide.

You can also maintain these lists in your own server-side code and files. In the following example, a file named bannedIPList.txt contains a list of excluded IP addresses, which can be edited on the fly:

// bannedIPList.txt file contents:
// 192.168.0.1
// 128.493.33.0

function getBannedIPList() {
    var bannedIPFile = new File ("bannedIPList.txt") ;
    bannedIPFile.open("text","read");
    
    application.bannedIPList = bannedIPFile.readAll();
    
    bannedIPFile.close();
    delete bannedIPFile;
}

application.onConnect = function(pClient) {
    var isIPOK = true;
    getBannedIPList();
    for (var index=0; index<this.bannedIPList.length; index++) {
        var currentIP = this.bannedIPList[index];
        if (pClient.ip == currentIP) {
            isIPOK = false;
            trace("ip was rejected");
            break;
        }
    }
    
    if (isIPOK) {
        this.acceptConnection(pClient);
    } else {
        this.rejectConnection(pClient);
    }
}

In addition, you can create server-side code to check if requests are coming in too quickly from a particular domain:

application.VERIFY_TIMEOUT_VALUE = 2000;

Client.prototype.verifyTimeOut = function() {
    trace (">>>> Closing Connection")
    clearInterval(this.$verifyTimeOut);
    application.disconnect(this);
}

function VerifyClientHandler(pClient) {
    this.onResult = function (pClientRet) {
        // if the client returns the correct key, then clear timer
        if (pClientRet.key == pClient.verifyKey.key) {
            trace("Connection Passed");
            clearInterval(pClient.$verifyTimeOut);
        }
    }
}

application.onConnect = function(pClient) {
    this.acceptConnection(pClient);

    // create a random key and package within an Object
    pClient.verifyKey = ({key: Math.random()});
    
    // send the key to the client
    pClient.call("verifyClient",
        new VerifyClientHandler(pClient),
        pClient.verifyKey);

    // set a wait timer
    pClient.$verifyTimeOut = setInterval(pClient, 
                                      $verifyTimeOut, 
                                      this.VERIFY_TIMEOUT_VALUE, 
                                      pClient);
}

application.onDisconnect = function(pClient) {
    clearInterval(pClient.$verifyTimeOut);
}