Sending multipart/form-data requests from Flash (with arbitrary headers)

Hello lists, In my original "Forging HTTP request headers with Flash" paper http://www.securityfocus.com/archive/1/441014, I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - using...