Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Embedded Video


  • Please log in to reply
6 replies to this topic

#1 webrat

webrat

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:49 PM

Posted 21 May 2008 - 08:09 AM

Hey folks,

I'm currently playing around with some video for my site but am trying to use a method that does not trigger script/activeX alerts every time someone loads the page or activates the video - it's annoying and looks dodgy.

I'm wondering if Flash would be good for this? I have not used it but having visited a number of sites that do it seems to offer what I want. Bottom line - I don't know enough about it or the alternatives. Any thoughts?

Cheers

Jason

BC AdBot (Login to Remove)

 


#2 pcmaddeanp

pcmaddeanp

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southampton, UK
  • Local time:04:49 PM

Posted 21 May 2008 - 09:44 AM

Hi,

Great tutorial!

I found a website that can do it all for you without any hassle!

http://www.favicon.co.uk

pcmaddeanp

Server Room Geek - IT Professionals Community


#3 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:09:49 AM

Posted 21 May 2008 - 03:06 PM

it's annoying and looks dodgy.


Actually, browsers are designed to do just that; alert the user when some control wishes to run on the target computer. Blame the malware authors... they took advantage of that hole, and developers closed it. I don't want anything running on my system that I don't know about, do you? To me it is dodgy when one is trying to figure out a way to bypass the built in security.

#4 webrat

webrat
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:49 PM

Posted 22 May 2008 - 08:46 AM

Hey Groovicus,

I'm not trying to bypass anything. If that's the only way that works then so be it. I'm no malware designer or anything of the sort, if I was I wouldn't need to ask these kind of questions and I agree on-line security is hugely important. :thumbsup:

But I am puzzled by the fact that some sites I visit (well known, big time social networking sites for example) allow you to watch video apparently without having to make that kind of decision, making it a more 'user friendly' environment. That's what prompted the question.

Cheers

Jason

#5 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:09:49 AM

Posted 22 May 2008 - 08:58 AM

Some types of embedded elements are only allowed to run withing the confines of the browser (youtube, for example). Since nothing can be done in (certain) video formats that can escape the sandbox, there is no need to prompt the user to allow controls to run.

I didn't mean to make it sound like I was accusing you of any malicious behavior.... I just didn't explain myself very well. :thumbsup:

#6 splodge

splodge

  • Banned
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:49 AM

Posted 24 May 2008 - 08:52 AM

i run video on most of my sites, i always use flash to edit and run them and i never get the dodgey popups,
click on the goth baby top of this page http://www.hallcross.co.uk/index3.html

PS if you are testing the site on your local server/your computer you will always get the warning popups untill the site is launced and on the web

#7 webrat

webrat
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:49 PM

Posted 24 May 2008 - 02:21 PM

Hey splodge,

The video is awesome. I wasn't sure whether to laugh or be very nervous but either way it got a bookmark. After another trip to the library I'd assumed that the alert was triggered by the use of an active-X control and the permissions that go along with it , so your post answwers the next question I had which was 'is it a local issue'.

So, if I understand correctly, when my site is uploaded, the alert would not be triggered as long as the user has the appropriate plug-in as it will not act in a way that causes the alert (based on not seeing one when I played your video) whereas currently it is within the host and will always trigger it by default.

Cheers

Jason




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users