[opensource-dev] FAQ posted for Third Party Viewer Policy
Lance Corrimal
Lance.Corrimal at eregion.de
Mon Mar 1 07:06:07 PST 2010
Am Montag, 1. März 2010 15:59:17 schrieb Robert Martin:
> On Mon, Mar 1, 2010 at 9:49 AM, Lance Corrimal
>
> <Lance.Corrimal at eregion.de> wrote:
> > set the media url to something that is not an url to a video, but the url
> > of a script that exploits something in quicktime to gather data about the
> > client requesting that url, and poof you have all kind of cans of worms
> > wide open.
> >
> >
> > ...and "flash on a prim" isn't going to make the whole grid more stable
> > and secure either.
> What would help is having the Shared Media happen inside a sandboxed
> browser (hint lock down the embedded browser) if you have the right limits
> and locks then the worst thing that could happen is they see this
> http://www.youtube.com/watch?v=dQw4w9WgXcQ.
that would be the sensible thing to do.
... any bets that even if someone would code that into snowglobe 2.0, it
wouldn't make it into the official stock viewer?
More information about the opensource-dev
mailing list