My website contains Adobe Flash-based content (uses a plugin provided by another source so not something I have control over).
Unfortunately, when I go to some clients, the Flash-based content will not show. Since this is a critical part of my website this is a problem.
I am curious how their IT people are blocking this. Note: I AM NOT asking how to hack around what they have done. I would like to know what they are doing so I can talk to them (in an informed way) about how we might resolve the problem.
I have Googled this but so far just seeing how to turn it off with a registry hack. Pretty sure there is something else going on since my laptop is affected as well.
IT guy here they could be blocking it a number of ways, not having flash installed, a browser setting the push to all the machines, at the router level you can block certain things like flash, activex, etc
There are many ways that this can be accomplished, both on the client side and via a web proxy. On the client side, the IT department can simply elect not to install the Flash plugin on the business machines. Users may not be able to install it themselves if they don’t have administrator rights to the machines. On the proxy side, the IT department can set up their network such that all web traffic gets routed through a proxy server. The proxy server can listen to all inbound traffic and block Flash, perhaps by recognizing the MIME content type in the HTTP headers, or failing that by looking for magic numbers or other identifying patterns.
Typically, its done on the firewall which is smart enough to analyze the packets from the website, see the embed flash hypertext and just replace it with whatever hypertext they want like “This is blocked due to a security policy.”
This can be done locally too, but its doubtful most shops would do that. Its better to have central control.
Ideally you should ask them to unblock your site’s content previous to visiting. I don’t think you need to get more technical than saying “Our site has embedded flash, please whitelist it so I can give my presentation.”
IT guy here.
Another way to feck flash up and one I’ve seen a major financial services firm use is through a mms.cfg file.
The file is stored in C:\Windows\System32\Macromed\Flash and if present will control the setting no matter what you set yourself using the application. By setting things like “LocalStorageLimit” you can effectively stop Flash running videos on sites.
There are lots of other ways to do this.
>Can they whitelist a specific site to allow it to use Flash on their user’s PCs?
Sure, I do it all the time in my IDS/Content blocking system at work.
I’d also consider working around this when they wont unblock you by doing a remote desktop session (assuming they arent blocking RDP or VPN) and showing it off from there. Or a gotomeeting or whatever. Heck, a 4G verizon card is $50 a month. You should always have some workaround prepared, even if its a video or slideshow if the live presentation doesn’t work. I learned early on in life not to trust any technology when it comes to any sort of live event.