Questions about YUI Uploader and Fluid

Ian Boston ieb at
Fri Mar 7 22:42:30 UTC 2008

There are some wilte intreating comments from about a year back on the flash 8 live docs wiki against the upload method that all of these components use. Flash 9 documentation does not allow user supplied content.

 They all point to a lower level of functionality than is delivered by the browser connection.

I feel that the real question might be, can we live with those limitations. I suspect the requirement for a valid, and full,  SSL certificate is one that we should be able to live with.? What do others think?


Sent from my Pearl, sorry about the briefness and spelling!  

-----Original Message-----
From: Eli Cochran <eli at>

Date: Fri, 7 Mar 2008 10:57:34 
To:Colin Clark <colin.clark at>
Cc:Eli Cochran <eli at>,Ray Davis <ray at>,ian at,fluid-work at
Subject: Re: Questions about YUI Uploader and Fluid

There is something in this response which is both heartening and surprising. It appears because the Yahoo guys are referring to the swfupload forum pages that the YUI uploader and swfupload are, in fact, one in the same. I had always assumed that they'd written their own using the same technique, my mistake. 

- Eli 

On Mar 7, 2008, at 10:53 AM, Colin Clark wrote:


I asked our friend Nate Koetchley at Yahoo! about our concerns with Flash-based uploaders and HTTPS. Here's what his team had to say about the YUI Uploader as an example.

Hope this helps,


Begin forwarded message:

The only issue that I've seen come up with HTTPS had to do with the certificate path matching. Biao from APEX team encountered this, and here's what he had to say:
It seems that Flash upload works in FF over HTTPS with a regular purchased
certificate: <> 

Someone suggested that we make sure "host name in the request matches the
host name in the cert with a fully qualified path". <> 

I noticed our certs were attributed to "*",
when the actual server was "", so
I'm seeing if I can get that changed.

This bug report I found has comments that support both these theories: <> 

I haven't investigated this closely, but this is all I am aware of so far.
Of course there's still that cookie issue in Firefox that they need to be aware of, and proper crossdomain permissions as well.


Colin Clark
Technical Lead, Fluid Project
Adaptive Technology Resource Centre, University of Toronto <> 


. . . . . . . . . . .  .  .   .    .      .         .              .                     .

Eli Cochran
user interaction developer
ETS, UC Berkeley

More information about the fluid-work mailing list