Blocking flash should not need Javascript enabled to work.

A lot of websites have both abusive javascript, sometimes repogramming your mouse, sometimes endless tiny messageboxes forcing one to force closed K-Meleon in task manager, and others are even able to use Javascript to install malware on my PC despite having the strictest Javascript secury.

Flash is supposed to be able to do lots of bad things too, though not as bad as Javascript. Flash stands out for those "local shared object" (aka. flash cookies) on a PC as spyware. Some sites like eBay even make up propaganda on how the spyware is good for you.

Anyway, there needs a way for Flashblock to work when Javascript is off, too. MSIE at highest security setting that it blocks flash, javascript, and quicktime all at once.

It would be good to have a sort of quicktime block as it's no fun to go to a page and it wants to download a huge quicktime file that's unstoppable without closing the page and encourages K-Meleon (or about any browser) to crash.

Then there's Adobe Acrobat. It should be easy where if a website tries to force Acrobat to open in a browser window, some small setting programmers could make to have an option to **treat every PDF file like an EXE file**. Seriously, this needs to be done as every browser lets abusive websites load Adobe Acrobat in the browser window so the webmaster can laugh as lots of people's browsers lag and then quite often also crash.

Flashblock is a JavaScipt application.

Have a look at NoScript which exists for K-Meleon too.

You can alter pdf settings via Preferences panel.

Flash started without javascript is possibly a
nuisance, but rarely dangerous, because javascript
is usually needed to execute a dangerous function
called up by flash.
As Guenter said, Flashblock can only work with
javascript activated.
If you install the NoScript extension, you can
block javascript for all websites or allow some
selected ones permanently or for the session.
Additionally, there is an option on the NoScript tab
Options/Advanced, to block flash completely,
or also Microsoft Silverlight and other plugins,
or even iframes.
I also prefer using the small FoxitPDFreader instead of
the big Acrobat.
Besides that, I would never go to the internet as an
administrator. but create a personal additional
account as a simple user with restricted rights.
This is very effective using Windows Vista, but also
preferable in XP, and it is the standard for Linux users
anyhow.
Malware, viruses or trojans can only damage your system
with the rights of the current user, so it is advisable
to do all possible work as a simple user.

Fred

guenter, "You can alter pdf settings via Preferences panel." that's an awesome thing.

New feature request: It would be nice though if it could do a group select of stuff, though to change multiple at once.


Fred, I've heard of various things like Flash supposedly being able to do popup bombs like Javascript and Last Measure (shock site with popup bombs) supposedly changed to Flash from Javascript.

Are you sure Flash can't do any compromises other than Flash cookies with Javascript disabled? I've been looking for information and asking on other sites abotu this for a long time. I also don't program in Flash so I wasn't aware Flash and Javascript can comingle and do you know how they comingle?

I am no expert in what concerns security issues,
but as far as I know a script that the browser understands
would have to be executed, which would be javascript or in
Internet Explorer jscript or Active x , and only
acting with the system rights of the user, or, worse, of
the administrator.
There is of course always the possibility of a buffer
overflow which could cause a browser crash, ending
with an appended command that would penetrate deep into the
system and then could be executed there. To avoid that as far
as possible, you can only trust the creators of the program,
respectively the system creators, to patch their own mistakes
as often as possible, and install the patches or the
improved versions, as soon as they are available.

Fred

I do not think that it can be done.

block the flash how to Flashblock ? http://www.floppymoose.com/#flash

I do not know answer too: "Blocking flash, javascript, Quicktime, Acrobat, etc all at the same time in K-Meleon".

Flash block is already included by default.
I am sure it can be done for all by altering usercontent.css.
Like Your links says it can be done for flash.
But how to exchange that css by site or on the fly? I do not know



Edited 1 time(s). Last edit at 02/08/2009 09:22PM by guenter.

Bit older this thread yeah, but I just stumbled over it now while searching something else, as usual ;-)

Any news on the block-flash-without-javascript front...?

I've checked out the link above, looks promising, but doesn't seem to be targeted at all flash-variations (or what that is, am clueless with such stuff), because despite copying that code into my user-css, youtube still plays videos perfectly Of course I want them to play, but only after clicking a button, and without having to switch on javascript!

That user-css-code is on those two sites, very similar:
www.floppymoose.com/#flash
www.squarefree.com/userstyles/xbl.html

The second says, the link to an external xml-page is only required due to some bug. But that's been years ago, and that bug is long since fixed, so I suppose one can put that xml-page into the KM-folder.

This is the second code, the one I tried (by Jesse Ruderman):

/* Prevent flash animations from playing until you click on them. */
object[classid$="27CDB6E-AE6D-11cf-96B8-444553540000"],    <-- Hey, that smilie is : D 
object[codebase*="swflash.cab"],
object[type="application/x-shockwave-flash"],
embed[type="application/x-shockwave-flash"],
embed[src$=".swf"]
{ -moz-binding: url("www.squarefree.com/turing/clickToView.xml#ctv"); }

Quote
Christopher Poole
Then there's Adobe Acrobat. It should be easy where if a website tries to force Acrobat to open in a browser window, some small setting programmers could make to have an option to **treat every PDF file like an EXE file**

It wouldn't be easy at all to circumvent your local settings in such a way (never happened till now as far as I can remember) not even if the reader would have a blatant bug. Be aware that in case your reader has an exploitable bug you can get hit by malware even if you open the PDF locally unless you are on a limited user account like Fred pointed out.



Edited 2 time(s). Last edit at 10/19/2009 04:42PM by Yogi.

Fred,

If you don't want to change administrator rights for all, you can run KM or any other app with Drop My Rights (as I do).

C:\ WarezDropMyRights\ DropMyRights.exe"c: \Program Files \K-Meleon \K-Meleon.exe" N

N

To block all plugins use the little known pref "permissions.default.object" and set it to 2.

Possible values for permissions.default.object
1 allow all plugins (default)
2 block all plugins
3 block third-party plugins

With value 2 you can then use the file hostperm.1 in your profile directory to setup a whitelist of sites for which plugins are allowed to load, for example adding the following lines will allow Google and YouTube to load plugins for their flash content:

host object 1 google.com
host object 1 gstatic.com
host object 1 youtube.com
host object 1 ytimg.com

Conversely with the default pref setting of 1 you can use hostperm.1 to setup a blacklist by using value 2 for sites you don't want to load.

For more info see here - http://kb.mozillazine.org/Hostperm.1

WHOW - it WORKS!! Thank you! :-))

Tried it with youtube, object permissions set to 2 (=block), and in fact no video there, with or without javascript and flashblock. If javascript is on, flashblock produces the placeholders as usual, but when clicking it the placeholder simply vanishes, as if javascript were off.

Of course that "javascriptless flash-object-blocker" would need a better interface and placeholders, but it seems the structure of permissions etc. around that hostfile is pretty much similar for images, cookies, popups, as in Tools/Privacy/Permissions... So perhaps it's not overly difficult to copy and adapt those also for embedded "objects"?? *hope*

I have no clue of programming or macros, but can compare and copy So I did an explorer search for image permissions, main.kmm came up, I copied the file to main2.kmm and then deleted everything in it that didn't seem related to image toggling - just wild guessing of course ;-) Then replaced the word "image" with "object". Didn't work yet, so tried with renaming the buildmenu- and syncbuttons-names with a "2" at the end, and voila -

It works!! *shock* Now there's actually an entry for "Block Objects" in the privacy menu, along with all the other block options, and the checkmark works too!

------------------ macro main2.kmm ----------------------------

# ----- Accessibility/Privacy/Security

$pref_Objects="permissions.default.object";

pref_ToggleObjects{
macroinfo=_("Toggle Object loading");
menuchecked=(getpref(INT,$pref_Objects)==2);
togglepref(INT,$pref_Objects,1,2); &_pref_SyncButtons;
statusbar(sub("%s",getpref(INT,$pref_Objects)==2?$off:$on,_("Object loading %s")));
}

# ----- PRIVATE

# Menu Integration
_pref_BuildMenu2{
setmenu(_Privacy_Settings,macro,"Block &Objects",pref_ToggleObjects);
}
$OnInit=$OnInit."_pref_BuildMenu2;";

# Toolbar Integration
_pref_SyncButtons2{
pluginmsg(toolbars,CheckButton,&Privacy Bar,macros(pref_ToggleObjects),(getpref(INT,$pref_Objects)==1?0:1));

$OnLoad=$OnLoad."_pref_SyncButtons2;";
$OnStartup=$OnStartup."_pref_SyncButtons2;";
----------------------------------------------------------

Of course I would also need a privbar-button, and added this:

---------------------- added to toolbar.cgf in skin folder --------------------
Objects{
macros(pref_ToggleObjects)|&Privacy
Block Objects
privhot.bmp[17]
privcold.bmp[17]
}
-------------------------------------------------------------------

That button works partly: The toggle function is okay, as can be checked in about:config, but that button is always green, no matter the setting
I suppose there are some people here who can repair this...

But there's also the problem of placeholders, like with images, there's some hint needed that there's a video or something existing. Like with the native "Flashblock", which alas needs javascript *sigh*

Basically status quo for me, since personally javascript is off by default. So don't see video-placeholders anyway, but it bugs me having to switch javascript on just to see them, like on youtube. Or rather when I merely want to read the video descriptions there, not even watch the movie, but even this description needs already javascript :-( Well, I realize this part has nothing really to do with videos ;-)



Edited 2 time(s). Last edit at 10/30/2009 07:33PM by siria.

Quote
siria
Of course I would also need a privbar-button, and added this:

---------------------- added to toolbar.cgf in skin folder --------------------
Objects{
macros(pref_ToggleObjects)|&Privacy
Block Objects
privhot.bmp[17]
privcold.bmp[17]
}
-------------------------------------------------------------------

That button works partly: The toggle function is okay, as can be checked in about:config, but that button is always green, no matter the setting
I suppose there are some people here who can repair this...

Your problem is possibly you are using same image to both status of the button:
privhot.bmp[17] and privcold.bmp[17] is the same green image, change privhot.bmp[17] by a red image. Or try to change the icon number.

Objects{
	macros(pref_ToggleObjects)|&Privacy
	Block Objects
	privhot.bmp[18]
	privcold.bmp[17]
	}

K-Meleon in Spanish



Edited 1 time(s). Last edit at 10/31/2009 12:08PM by desga2.

Thanks, but sorry no, it's different images on hot and cold bar ;-)
Perhaps I should clarify, especially that gray background on "pressed" state is also missing...

This is your problem in syncronized privacy toolbar button:

Quote
siria
------------------ macro main2.kmm ----------------------------

# ----- Accessibility/Privacy/Security

$pref_Objects="permissions.default.object";

pref_ToggleObjects{
macroinfo=_("Toggle Object loading");
menuchecked=(getpref(INT,$pref_Objects)==2);
togglepref(INT,$pref_Objects,1,2); &_pref_SyncButtons2; # AND NOT &_pref_SyncButtons
statusbar(sub("%s",getpref(INT,$pref_Objects)==2?$off:$on,_("Object loading %s")));
}

# ----- PRIVATE

# Menu Integration
_pref_BuildMenu2{
setmenu(_Privacy_Settings,macro,"Block &Objects",pref_ToggleObjects);
}
$OnInit=$OnInit."_pref_BuildMenu2;";

# Toolbar Integration
_pref_SyncButtons2{
pluginmsg(toolbars,CheckButton,&Privacy Bar,macros(pref_ToggleObjects),(getpref(INT,$pref_Objects)==1?0:1));
} # <= REMEMBER CLOSE FUNCTIONS

$OnLoad=$OnLoad."_pref_SyncButtons2;";
$OnStartup=$OnStartup."_pref_SyncButtons2;";

K-Meleon in Spanish



Edited 1 time(s). Last edit at 10/31/2009 01:59PM by desga2.

Oops... thanks! That's exactly that kind of tiny little syntax errors that I keep overlooking
So now I inserted the "2" and the "}" and restarted, but still no change in button state... Must be something more missing just what?? Could it be something with the toggle-option numbers...?



Edited 1 time(s). Last edit at 10/31/2009 02:36PM by siria.

Are you sure this is one line, not multiple lines?

# Toolbar Integration
_pref_SyncButtons2{
pluginmsg(toolbars,CheckButton,&Privacy Bar,macros(pref_ToggleObjects),(getpref(INT,$pref_Objects)==1?0:1));
}

K-Meleon in Spanish

Uhm, with macros I'm not sure of anything.... just experimenting...
This is the part in main.kmm that I took as template:

# Toolbar Integration
_pref_SyncButtons{
$__c="CheckButton"; $__m=",macros(pref_Toggle";
# Privacy Bar (make sure the toolbar name is correct):
$__toolbar="&Privacy Bar";
pluginmsg(toolbars,$__c,$__toolbar.$__m."Animation),".(getpref(STRING,$pref_Animation)=="none"?1:0));
pluginmsg(toolbars,$__c,$__toolbar.$__m."Colors),".(getpref(BOOL,$pref_Colors)?0:1));
pluginmsg(toolbars,$__c,$__toolbar.$__m."Cookies),".(getpref(INT,$pref_Cookies)==2?1:0));
pluginmsg(toolbars,$__c,$__toolbar.$__m."Images),".(getpref(INT,$pref_Images)==1?0:1));
pluginmsg(toolbars,$__c,$__toolbar.$__m."Java),".(getpref(BOOL,$pref_Java)?0:1));
pluginmsg(toolbars,$__c,$__toolbar.$__m."JavaScript),".(getpref(BOOL,$pref_JavaScript)?0:1));
pluginmsg(toolbars,$__c,$__toolbar.$__m."Popups),".(getpref(BOOL,$pref_Popups)?1:0));
pluginmsg(toolbars,$__c,$__toolbar.$__m."Referer),".(getpref(INT,$pref_Referer)==0?1:0));
# Main Bar (make sure the toolbar name is correct):
$__toolbar="&Main Bar";
pluginmsg(toolbars,$__c,$__toolbar.$__m."Popups),".(getpref(BOOL,$pref_Popups)?1:0));
}
$OnLoad=$OnLoad."_pref_SyncButtons;";
$OnStartup=$OnStartup."_pref_SyncButtons;";

Oh man, as usual, after way too many hours of struggling and searching and experimenting and a couple more gray hairs, but finally got that stupid button to stay pressed!!!
The syntax errors were in this line, 4x " and a . were missing:
pluginmsg(toolbars,CheckButton,&Privacy Bar,macros(pref_ToggleObjects),(getpref...

Attention, there are 3 toggle states now, two of which look the same in button state!
All blocked (button pressed) / Site allowed (button free) / All allowed (button free)
If you don't want the second (only third-party objects blocked), simply remove the "3" from "1,2,3" in togglepref:


So this is at last the CORRECT version:

-------------------- macro: main2.kmm ----------------

# ----- Accessibility/Privacy/Security

$pref_Objects="permissions.default.object";

pref_ToggleObjects{
macroinfo=_("Toggle object loading");
menuchecked=(getpref(INT,$pref_Objects)==2);
togglepref(INT,$pref_Objects,1,2,3); &_pref_SyncButtons2;
statusbar(sub("%s",getpref(INT,$pref_Objects)==2?$off:$on,_("Object loading %s")));
}

# ----- PRIVATE

# Menu Integration
_pref_BuildMenu2{
setmenu(_Privacy_Settings,macro,"Block &Objects",pref_ToggleObjects);
}
$OnInit=$OnInit."_pref_BuildMenu2;";


# Toolbar Integration
_pref_SyncButtons2{
pluginmsg(toolbars,"CheckButton","&Privacy Bar,macros(pref_ToggleObjects),".(getpref(INT,$pref_Objects)==2?1:0));
}
$OnLoad=$OnLoad."_pref_SyncButtons2;";
$OnStartup=$OnStartup."_pref_SyncButtons2;";

# -------------------------------------------------------------

The privbar-button was correct before, but just to have this complete:

---------------------- added to toolbar.cgf in skin folder --------------------
Objects{
macros(pref_ToggleObjects)|&Privacy
Block Objects (3 Toggles: All blocked / Site allowed / All allowed)
privhot.bmp[17]
privcold.bmp[17]
}
-------------------------------------------------------------------


What that preference does, acc. to http://kb.mozillazine.org/Hostperm.1

object

Use the object selector to control the contents of <embed> and <object> tags, like plug-in content.

This selector does not control the contents of <object> tags on 1.8 branch or earlier builds (i.e., Firefox 1.5.x, Camino 1.0.x, etc.). These builds will also render blocked content as a two-pixel vertical line with a height as specified by the HTML file. Recent trunk builds block <object> properly and render both <embed> and <object> content as invisible.

A value of 1 maps to "allow", 2 maps to "deny" (or block), and 3 maps to "deny third-party".

By the way, those 3 states also work for images, at least a quick test seems to confirm! :-)) Same trick as above, add a ",3" in the main.kmm
(Not sure about cookies, theoretically they work too, even with another state "8" (session only), but on a test site it always says third-party cookies were accepted)



Edited 5 time(s). Last edit at 11/15/2009 11:12AM by siria.

While I'm at it... *whistle*
Stumbled about the DOM supercookies (not flash sort, see above), and it looks like those are NOT disabled when "normal" cookies are blocked, as they normally should? (e.g. in privbar) There is a setting that was introduced in Firefox2:

dom.storage.enabled (true,false)

It is on by default and doesn't seem to follow when "normal" cookies are blocked, as one can check in about:config. Or perhaps this thing has no influence in KM, no idea - anyone knows?
Those DOM cookies can store up to 5MB each, compared to 4kB for normal ones, or 100kB for Flash cookies. Some info links:
http://en.wikipedia.org/wiki/DOM_storage
http://208.109.22.214/puppy/viewtopic.php?t=17734
https://addons.mozilla.org/en-US/firefox/addon/6623
german: http://photoxpress.org/debugging/workarounds/Was-ist-ein-Super-Cookie.php

Anyway, since adding a toggle for the objects settings, I thought the dom-cookies should work similar, and this time it was only a matter of 5 min - button worked instantly *shock* Uhm, yeah, expect that the button this time wouldn't get out of pressed state *blush* But quickly found, just a littly typo, uff.


# ------------------------- macro: main2.kmm v3 --------------------

# Macro adds 2 buttons to Privacy Menu + PrivBar:
# Toggle Flash (and other "object" stuff), and Toggle DOM SuperCookies

# ----- Accessibility/Privacy/Security

$pref_Objects="permissions.default.object";
$pref_DomStorage="dom.storage.enabled";

pref_ToggleObjects{
macroinfo=_("Toggle object loading");
menuchecked=(getpref(INT,$pref_Objects)==2);
togglepref(INT,$pref_Objects,1,2,3); &_pref_SyncButtons2;
statusbar(sub("%s",getpref(INT,$pref_Objects)==2?$off:$on,_("Object loading %s")));
}
pref_ToggleDomStorage{
macroinfo=_("Toggle DomStorage-supercookies");
menuchecked=!getpref(BOOL,$pref_DomStorage);
togglepref(BOOL,$pref_DomStorage); &_pref_SyncButtons2;
statusbar(sub("%s",!getpref(BOOL,$pref_DomStorage)?$off:$on,_("DomStorage support %s")));
}

# ----- PRIVATE

# Menu Integration
_pref_BuildMenu2{
setmenu(_Privacy_Settings,macro,"Block &Objects",pref_ToggleObjects);
setmenu(_Privacy_Settings,macro,"Block DOM SuperCookies",pref_ToggleDomStorage);
}
$OnInit=$OnInit."_pref_BuildMenu2;";


# Toolbar Integration
_pref_SyncButtons2{
pluginmsg(toolbars,"CheckButton","&Privacy Bar,macros(pref_ToggleObjects),".(getpref(INT,$pref_Objects)==2?1:0));
pluginmsg(toolbars,"CheckButton","&Privacy Bar,macros(pref_ToggleDomStorage),".(getpref(BOOL,$pref_DomStorage)?0:1));
}
$OnLoad=$OnLoad."_pref_SyncButtons2;";
$OnStartup=$OnStartup."_pref_SyncButtons2;";

# ----------------------------------------------------------------------

PrivBar-Button for DOM supercookies (flash/objects-button see above):
(For lack of other button have "doubled" the existing "block cookies", but don't confuse them)

------------------ added to toolbar.cgf in skin folder ----------------
DOM SuperCookies{
macros(pref_ToggleDomStorage)|&Privacy
Block DOM SuperCookies
privhot.bmp[2]
privcold.bmp[2]
}
-------------------------------------------------------------------



Edited 3 time(s). Last edit at 11/01/2009 08:23PM by siria.

It should be safe to simply disable DOM storage (dom.storage.enabled = false) without worrying about a toggle. I've run with this disabled and Flash local shared objects (LSOs) disabled for a while now without any adverse effects whatsoever.

Note any website usage of DOM storage creates an SQLite file in your profile directory (webappsstore.sqlite) which you probably want to delete.

Quote
siria
<snip to shorten>

Of course I would also need a privbar-button, and added this:

---------------------- added to toolbar.cgf in skin folder --------------------
Objects{
macros(pref_ToggleObjects)|&Privacy
Block Objects
privhot.bmp[17]
privcold.bmp[17]
}
-------------------------------------------------------------------

That button works partly: The toggle function is okay, as can be checked in about:config, but that button is always green, no matter the setting
I suppose there are some people here who can repair this...

<snip to shorten>

siria/All: What line are you looking at in about:config to see whether it works or not? I got partially through the toolbar.cgf and don't know how to verify my/your 'compare and copy' method :drool: progress (got the main.kmm to work and verification that it works).

Look above in this post

Quote
asmpgmr
To block all plugins use the little known pref "permissions.default.object" and set it to 2.

Possible values for permissions.default.object
1 allow all plugins (default)
2 block all plugins
3 block third-party plugins

With value 2 you can then use the file hostperm.1 in your profile directory to setup a whitelist of sites for which plugins are allowed to load, for example adding the following lines will allow Google and YouTube to load plugins for their flash content:

host object 1 google.com
host object 1 gstatic.com
host object 1 youtube.com
host object 1 ytimg.com

Conversely with the default pref setting of 1 you can use hostperm.1 to setup a blacklist by using value 2 for sites you don't want to load.

For more info see here - http://kb.mozillazine.org/Hostperm.1

Please be sure you use the final "dark red" version ;-) That button you cited was already okay though, IIRC. And as noted somewhere above too, this setting works only on newer KM-versions. After adding it can't harm to test it somewhere on a flash site or such.

Quote
siria

<snipped to shorten>

# ------------------------- macro: main2.kmm v3 --------------------

[<snipped to shorten>

------------------ added to toolbar.cgf in skin folder ----------------
DOM SuperCookies{
macros(pref_ToggleDomStorage)|&Privacy
Block DOM SuperCookies
privhot.bmp[2]
privcold.bmp[2]
}
-------------------------------------------------------------------

siria/all: OK, seems I confused you by Quoting the wrong toolbar.cgf --I didn't notice that there was version 2 (Objects) and the new version 3 (DOM SuperCookies). From my November 15, 2009 08:39AM post I was actually referrring to the DOM SuperCookies, and not the objects--sorry for the confusion.

Back to your noting the use of the hostperm.1 in the Profile directory: Perhaps my KM v1.5.3 isn't bleeding edge enough--it doesn't have a hostperm.1 Irregardless, if I'm following this correctly, it seems almost like the hostperm.1 is a somewhat similar yet alternate method to blocking objects like the macro main2.kmm v3 > Accessibility/Privacy/Security.

Yeah there seems to be quite some confusion yet

It's not all that complicated really:
KM has a couple options for blocking stuff like cookies, javascript, popups etc.
The default setting for those can be set either via about:config, or via TOOLS/Privacy, or via the buttons on the Privacy-Toolbar, or partly via F2/Privacy etc. Different ways, same effect, all these basically just toggle the default setting in about:config !

Then there's the black-white-list for exceptions (=hostperms), for sites that are always allowed or forbidden to use javascript or cookies etc, regardless the global default setting. To maintain that list, one could edit it either manually (it's just a simple text file), or easier via Tools/Privacy/Permissions, to set the exceptions for specific sites to use cookies, popups and images. For other stuff that list is only manually editable so far it seems, but not sure, may be alternative ways again.

If that list doesnt already exist in your user profile, it will certainly be created as soon as you assign the first exception for any site.

Now what this macro main2.kmm does, is to merely add two more menu entries, one to toggle the default setting for objects (flash, pdf, etc.) and one for DOM-supercookies. And if one is willing to do some manual work, they can also add two buttons on the privacy bar.
Without that macro, those global settings can be accessed as well, just only via about:config, which is less convenient than a button or menu entry. Either way, the black-white-list for exceptions must be edited manually.

I'd find it useful if those two setting were perhaps included in a future release, and if so, please be careful then to delete that macro main2 again, or the poor browser may get a bit mixed up with the double definitions ;-)

Hope this clears things up a little...

PS: Please leave a little bit room for the thread titles, your latest superlong username here takes already half the width of my 1024-screen, forcing the thread title to wrap on 8 (!!) lines ;-)



Edited 1 time(s). Last edit at 11/15/2009 03:56PM by siria.

GRMPF!! :-(
I thought those settings would block ALL flash, but seems not. There's this niftly little macro called "Open Video". I like it a lot, it opens youtube-videos without needing javascript, even in fullscreen. And now I just discovered, it even plays them although all blocks are set...

That macro looks really tiny, although I don't have any idea what it really does, but somehow this works around those blocks:

Only_video{
$_video_addres="";
$_video_addres=gsub("watch?","",$LinkURL);
$_video_addres=gsub("=","/",$_video_addres);
opennew($_video_addres);
}

I don't mind if that macro slips through, but am afraid this means that also other stuff, malicious stuff, can get through with its trick??

nah don't worry..it should only work with youtube because of the 'watch?' bit
youtube is safe.