Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

youtube addon for FCKeditor
Goto page Previous  1, 2		 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> v2.4 RN Issues
Author Message
neralex
Site Admin



Joined: Aug 22, 2007
Posts: 1775
PostPosted: Sun Jan 20, 2013 12:02 pm Reply with quote
unicornio wrote:
I'm glad it worked for you semperaye but becareful with flash. It is very dangerous and can compromise your site.
Wink


What is dangerous with the using of flash and youtube?

An iframe is a risk not a flash object. External frames can load bad code into your page. But i think with youtube is it not a problem.

Rolling Eyes

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
PostPosted: Mon Jan 21, 2013 7:32 am Reply with quote
If you control the flash object, then I would agree with you neralex. I also agree, in general, about YouTube.

<EDITORIAL COMMENT>
Flash, in general, is active content and can be exploited just as the Java plug-in can and has many attack vectors. Which is why I use tools to disable both by default and then allows me to whitelist a site if I so choose.
</EDITORIAL COMMENT>

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
hicuxunicorniobestbuildpc
The Mouse Is Extension Of Arm



Joined: Aug 13, 2009
Posts: 1123
PostPosted: Mon Jan 21, 2013 10:07 am Reply with quote
this is just ax example. Most of the time I decode Flash files in order to take a look at the action script.

http://securitylabs.websense.com/content/Blogs/3165.aspx
 
View user's profile Send private message
neralex
PostPosted: Mon Jan 21, 2013 3:56 pm Reply with quote
montego, yes i know it and you suggestion is the best solution.

unicornio, this not realy an example to say: "flash in general is dangerous"! You can do it with other things on the same way. Anyway. One should never embed external content unaudited. But to decode flash objects I find something pointlessly.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> v2.4 RN Issues
Goto page Previous  1, 2

 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©