In my Flex application, users need to be able to upload and download content. However, this content is access restricted, and I need to do a permissions check before allowing the upload/download. The user clicks a link, and then selects a file using the FileReference class. The FileReference class doesn't attach cookie information, so I can't use a session.
I want to implement a 2 step process where the client first pings the server to get a one-time-use token, and then does the upload or download with the one-time-use token as a parameter. However, this plan is being foiled by error #2176, which is apparently a security fix to FP10, that only allows uploads/download to be triggered during a MouseEvent propogation. Anyways around this?