?

Log in

No account? Create an account
LiveJournal Development [entries|archive|friends|userinfo]
LiveJournal Development

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

April 1st, 2008

Embedding Adobe Flash applets. [Apr. 1st, 2008|05:06 am]
LiveJournal Development

lj_dev

[njyoder]
[Tags|, ]

Isn't there a potential security/privacy/nuisance issue with allowing people to embed arbitrary Flash applets from any website?

I'm not that familiar with Flash's capabilities in terms of reading from or manipulating the web browser, but I know a few other things that can be done.

At the very least, people can use Flash cookies to track users even if their IP address changes. I'm sure that people wouldn't appreciate this.

And of course, it can be made to be a huge nuisance by vastly slowing down a computer and potentially crashing the web browser. Of course, it can also display arbitrary video and play arbitrary audio.

The solution to this, which I previously mistakenly thought was already implemented, is to only allow flash from certain trusted sites, such as YouTube. Since 99% of embedded Flash on LiveJournal is from a relatively small list of websites, this shouldn't be hard to maintain, especially with a submission form to add new websites.
link7 comments|post comment

Bug with svn copy of OS code [Apr. 1st, 2008|10:40 pm]
LiveJournal Development

lj_dev

[magyarok_saman]
[Tags|, ]

I've been having trouble updating the code via svn, so I erased everything, and got a new copy.

I haven't touched anything and this is what I get when I try to restart apache - something is obviously missing in the svn copy of the LJ code:
Read more...Collapse )
link4 comments|post comment

navigation
[ viewing | April 1st, 2008 ]
[ go | Previous Day|Next Day ]