Allow Embedded Files!
I find your “I do not really want to leave wordpress …” statement puzzling. Haven’t you read the pink sticky at the head of the forum? You can hack your theme from here to eternity and go crazy with embeds by self-hosting or becoming webhosted.
Please read this thread http://wordpress.com/forums/topic.php?id=3700&replies=1.
If you’re not happy here at wordpress.com then please feel free to go to http://wordpress.org/hosting. You can check out the minimum requirements for self hosting and go for that if you prefer http://wordpress.org.
Here’s a symantec research thread on the security issues but I’m sure you know how to use search engines and find even more information and specifically limit the searches to your exact needs Link
[Link fixed – drmike]
Podz quotes Symantec (as does timethief later):
That’s absolutely hilarious. I’ve always considered Norton AntiVirus to BE a virus, and if you’ve ever tried COMPLETELY removing their software folders, registry entries etc, I’m sure you’d agree.
It never came.
I went to AVG, and IT installed perfectly
So… Why should I trust Symantec’s advice?
Their software was essentially un-installable, their “support” couldn’t support their most current software on a 3 month old compaq computer running windows, and I was LIED to.
How it relates to wordpress.com:
Right now, I can’t even get a YouTube playlist to work on my blog with a [youtube= tag, which means I would have to use the individual file links for each and every youtube embed from the playlist.
My postings need 2 embedded players on page like I need a hole in my head.
I’m sorely disappointed at the lack of versatility @ wordpress.com, and it seems to be due to irrational paranoia propagated by companies (like Symantec).
I agree about Norton – it’s the first thing I remove from anyone’s machine. It’s nasty code.
But it’s not what Symantec said. It’s what others have experienced. JS exploits damaged Myspace and LJ. That is not irrational. It happened.
It’s not lack of versatility – it’s putting security before features.
OMG ^^ I do believe you just made a blog post in the ideas forum. And it’s double trouble anti-security rant against the big guys – symantec and wordpress.com – putting them in the same corner yet!? OMG perhaps he/she has been imbibing or ingesting off world substances? [she speculated]
Granted it’s an unusual trajectory type of approach but who knows it may bring you the attention you seem to be targeting. However, IMO the weakness that comes with taking this tack is that it probably won’t further your case, that is, unless digging a hole and burying your bone is the direction you’re intending.
Just another out of order opinion from a very part-time stand down comedian [she snickered]. *lol*
@drmike, podz and wank … I couldn’t help it … OH NO! here comes podz with the hook …
OMG ^^ I do believe you just made a blog post in the ideas forum. And it’s double trouble security rant against symantec and wordpress.com. Have you been imbibing or ingesting off world substances? [she chuckeled] Granted it’s an unusual trajectory type approach but who knows it may bring you the attention you seem to be targeting. Hoever, IMO the weakness that comes with taking this tack is that it probably won’t further your case unless digging a hole and burying your bone is the direction you’re intending. Just an opinion from a very part-time stand down comedian. *lol*
Not a blog post, just stating the reason for my belief that we are blindly following sources that provoke panic when a FEW of the …it must be billions by now… computers in the world have a problem.
… and IF IT IS such a grave hazard to the server side, then why would Yahoo! or any other host allow the scripts on THEIR servers?
Why should the hosting servers at wordpress be more at risk than they?
…and I wasn’t ‘ranting’ on wordpress.com, I was just stating my disappointment.
WordPress is a wonderful blogging tool, it’s simple easy to use and it is well run and it isn’t just the tool (anyone can copy a tool), it’s everything about it that has created a such a loyal following of users. Which is not to say it doesn’t have limitations. But it is really frustrating to want to do something (pretty basic in my opinion, and that I should be able to do) only to be told that there’s one of a number of reasons why I can’t. As there is no charge for WP, I’m not a “customer” but whether a user or a customer, I don’t care about the reasons, only that I’m unable to do what I’d like to do on my blog. On the subject of stats I bet WP can track every user to the nth degree.
Granted not everyone is interested in adding embeds or other things to their blogs, or doing more than ooh and aah over their page views, content with incomplete stats, but others do and will want to do more. I could care less about having a new theme every minute (all singing all dancing to boot), to others it is important to have hundreds. As my blogging evolves maybe one day I’ll want to embed files, and then of course I’ll have a problem, because I won’t be able to do it. So, even though I do not want to move to .org, for flexibilty I might have to. It is a serious condsideration, which to me, is a pity.
By all means be defensive of WordPress but lighten up having a go at folks and “inputing to them things (anti-security anti-wordpress? where?) they really are not guilty of.
FOUR days ago when I wrote this lighthearted and joking response to leighm I was chuckling and laughing. If I’d been any lighter when I wrote my tongue in cheek anti-wordpress and anti-security response FOUR days ago I would have been air-borne.
britgirl, I think you’ve got it. I choose to delegate to WordPress the choice of what’s safe and what’s not in my blog, but there are those who are capable of making those choices on their own and for them is WordPress.org and self-hosted blogs.
If anyone found my post judgemental, I sincerely apologize. Believe me, I have zero problem being judgemental, but it was not my intention in this particular thread.
OT: Thank you, WordPress, for fixing the damn REPLY box so I can actually see what happens over to the right-hand side!
Hey, it is fixed. :)
I just wish there was some method for *cough* certain blogs to have this protection removed.
Just so they can see why the protection is there.
We’ve already had a couple of threads where the posters were wondering why they were seeing all the broekn javasvripts in the comments.
It’s not fixed now. Dayum!
Actually I stand corrected. The right side of the post box has gone missing yet again. :(
Well,I am just curious because the article shown says that Myspace had problems with a flash file.In order to modify such a thing(the flash file) it would have had to be hosted at Myspace.Hosting the file and embedding it are two very different things.Embedding is much like linking in that the file is not actually hosted where the embed code it.It is on a different server.
So while, I can see that it would be unwise to host these files, I cannot see how embedding them would be the same or a danger.
Embeding in not just like linking to a file. It puts it into the browser.
IE has has security concerns with the embed tag in the past as well.
Yes, but the original source file it still on another server and that is what was modified(given the virus).
I was stating what was fairly obvious that the article you held up as your reason why WP.com does not allow embeding is not even about embedded files.It was about hosted files.
It is like saying”My friend dies yesterday from a bad plum, so from here on out, I am not going to eat any Apples.”
When you present that kind of logic to people it is no small wonder that they leave.Like it or not every person who posts in here is a potential future customer.
Anyway, I am done talking with the doorknob.
So glad I took the time to try and help you.
Yes, he’s a charmer, ain’t he?
>>If you’re really that insistent on leaving then can I suggest that >>you get some hosting and download the WP software? You get the best >>of all worlds then. WordPress, embedding whatever you like, complete >>control over the themes and you don’t have to use blogger or >>MySpace!
for my case, I like to have a local copy for my blog in my machine.
But Im NOT able to import the exported xml of my live blog into my local blog.
There’s a comment on Scobleizer that I thought explained it well. It reads:
This is just a basic part of the underlying technology of the web browser, and it’s required for sites like gmail, Yahoo!, and others to operate.
There are ways a site can avoid this problem (generally by constantly changing the login cookie data with EVERY response, and invalidating the old ones immediately), but they require more horsepower on the backend than the blogging sites are really able to provide, and there’s still usually a small window of opportunity.
Sorry, I get a little nasty when people are not explaining something to me and just giving me a standard answer or as the case may be, a answer that does not make sense. The comment that was on Scobe’s blog did explain it much better than anything I saw here.
Lesson to be learned from this…Don’t answer questions if you don’t really know the real answer.
The topic ‘Allow Embedded Files!’ is closed to new replies.