I agree, however I am not sure how that helps me.
Good fun security topic though for CSS, Param tampering and session hijacking.
Further Info if you are up for discussion
I am using Zinc (mdm) to wrap a flash application. The app uses LoadVars to perform a SendAndLoad against a server I do NOT have any control over. As I have no control and as I am in a stand alone player, I can not manipulate very much. Also not being in the same domain as the server limits me further.
I can however prove successful authentication with a GET (as the POST also does not work) and then set a temporary variable to use inside a send POST.
What I need is this information kept so I can use it in the future, bypassing the Login test and variable save.