WoLeRiNe` Posted October 18, 2006 Posted October 18, 2006 Hi,Why you don't insert the YouTube(Google)Video, Media Player and FLASH in EDITOR as others board?Why We must install the mods for this?It must be original on IPB :whistle:
Microo Posted October 18, 2006 Posted October 18, 2006 -1 because of security risksAlso BIG -1... It could make the board more exploitable...
WoLeRiNe` Posted October 18, 2006 Posted October 18, 2006 Also BIG -1... It could make the board more exploitable...The Security Patch(Code)s do what?They must be SECURLY before of course...
theclub Posted October 18, 2006 Posted October 18, 2006 +1Thousands of forums have these mods on, and there haven't been any news of exploits that l've seen. :thumbsup:
Keven Fox Posted October 18, 2006 Posted October 18, 2006 All these -1 due to security flaw potential, yet why do so many sites override that to make them work? I'm sure there could be a way to view them and still be secure?
Management Matt Posted October 18, 2006 Management Posted October 18, 2006 It's not going to happen. It would open up many potential CRSF / XSS attacks.
Lee69 Posted October 18, 2006 Posted October 18, 2006 It's not going to happen. It would open up many potential CRSF / XSS attacks.And there's abolsutely no way around this? Such a needed feature. :unsure:
Strange_Will Posted October 18, 2006 Posted October 18, 2006 The Security Patch(Code)s do what?They must be SECURLY before of course...Nope, Flash is a very good way to run lots of bad code, and IPB can't re-program flash :P
theclub Posted October 18, 2006 Posted October 18, 2006 I would say this is easily left to bbcodesIt's my understanding that that was what the author of this thread was asking for, that the BB Code was included, and a button added to the editors. <_<
ellawella Posted October 18, 2006 Posted October 18, 2006 It's my understanding that that was what the author of this thread was asking for, that the BB Code was included, and a button added to the editors. <_<Uh, no, Brandon's saying that this can already be accomplished with custom BBCodes, as can a whole host of other things which might put your site in danger of being exploited :rolleyes:
Keith J. Kacin Posted October 18, 2006 Posted October 18, 2006 Here is a quick Custom BBCode for YouTube.Now I am sure there is an easier way, but oh well.Custom example: _isVdeRwnusCustom tag: Option? NoCustom BBCode Replacement:<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/{content}"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/{content}" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>------------Here is a YouTube video link:http://youtube.com/watch?v=_isVdeRwnusYou would just have to have them put in whatever was after: http://youtube.com/watch?v=Which in this case is:_isVdeRwnus
theclub Posted October 18, 2006 Posted October 18, 2006 Uh, no, Brandon's saying that this can already be accomplished with custom BBCodes, as can a whole host of other things which might put your site in danger of being exploited :rolleyes:Brandon mentioned nothing about "a whole host of other things which might put your site in danger of being exploited"He said .. "I would say this is easily left to bbcodes - even custom bbcodes can accomplish this."It was this remark I answered, referring to TurXaliM's original post. :cool:
bfarber Posted October 18, 2006 Posted October 18, 2006 I did, indeed, mean custom bbcodes - or modifications that add new bbcodes (including buttons). There are certainly going to be a large enough portion of users that don't want the bbcode that would make it better left not as a default item.
Strange_Will Posted October 18, 2006 Posted October 18, 2006 @Keith:How safe is that method? Being as you're forcing Youtube.com it's pretty safe, no?
Keith J. Kacin Posted October 18, 2006 Posted October 18, 2006 @Keith:How safe is that method? Being as you're forcing Youtube.com it's pretty safe, no?I would say it is pretty safe... but then again, it is only as safe as HTML allows it to be. I cannot vouch for any security of this BBCode, as I made it in around 2 minutes. :D
WoLeRiNe` Posted October 18, 2006 Posted October 18, 2006 as I made it in around 2 minutes. :D :thumbsup: It's Super...And for Media Player of the Windows?It's safe also, i think... :unsure:
Strange_Will Posted October 18, 2006 Posted October 18, 2006 :thumbsup: It's Super...And for Media Player of the Windows?It's safe also, i think... :unsure:I think the issue is that with a regular WMP one you can direct it to ANY media, including dangerous ones.
Dark Phantom Posted October 18, 2006 Posted October 18, 2006 I really wish I had a big fluffy bat that I could smack people with, having video attachtments on a page, is something I hate and think its really good staff agree that this sort of requested feature is a huge security risk.Till the internet is not a hostile place, I see no need for this feature, at least not till a more secure type of linkage at least.In 5 years, when security is better ( I hope ), then I will support this feature in products like IPB
Keven Fox Posted October 19, 2006 Posted October 19, 2006 I really wish I had a big fluffy bat that I could smack people with, having video attachtments on a page, is something I hate and think its really good staff agree that this sort of requested feature is a huge security risk.Till the internet is not a hostile place, I see no need for this feature, at least not till a more secure type of linkage at least.In 5 years, when security is better ( I hope ), then I will support this feature in products like IPBWith the big fluffy bat it seems you're contributing to the "hostility" of the internet :D
Mat Barrie Posted October 19, 2006 Posted October 19, 2006 I think the issue is that with a regular WMP one you can direct it to ANY media, including dangerous ones.Mmmhmm, biggest problem is the flawed implementation of WMDRM License Acquisition. In fact, a while ago the recording industry came under fire for placing spyware in the license acquisition process for media files on the P2P networks. Frighteningly enough, Windows Media Player's license acquisition process runs at an even higher level than most IE windows and leaves all sorts of gates wide open for virii and spyware.If you do this, be sure you know what you're getting yourself and your viewers into.
ellawella Posted October 19, 2006 Posted October 19, 2006 This thread just goes to show how many op kiddies there are still around. Hopefully though their boards will die an agonising death through lack of activity and the internet will once again be ruled by those of us who know what we're doing and/or have at least half a brain cell to play with.
Mat Barrie Posted October 19, 2006 Posted October 19, 2006 This thread just goes to show how many op kiddies there are still around. Hopefully though their boards will die an agonising death through lack of activity and the internet will once again be ruled by those of us who know what we're doing and/or have at least half a brain cell to play with.I'm confused as to who you're attacking here... those willing to install security risks on their forum just for the sake of having mods (which don't represent all mod users, some are very careful which mods they install)? Or those who wont install a modification because they're pretty sure it poses a risk?
Recommended Posts
Archived
This topic is now archived and is closed to further replies.