SiteCrafting, Inc.
10 Sep
Objects and Params and Embeds, Oh My!
The newest Firefox update (3.6.9) sees object tags as a security threat. That means bad news for Fx users that use an outside source, such as a popup window, to embed video or script into their site content.
Since the recent Firefox update (3.6.9), a strange thing happened to our video and script embedding tools. Firefox has deemed the object tag a security threat and will now strip all the tags commonly used for embedding scripts and video inside of a rich text editor (RTE). That includes the following tags: object, param and embed.
We did find a small workaround for up-to-date Firefox users to embed objects. Since the stripping process is somewhere in the submission process of our popup window inserting the script, we can force the object tag in the source. Basically, the short term solution is to embed the code in "view source" mode of any RTE and stay away from any fancy, external interface for more easily inserting these elements. But never fear, a long term solution is in the works when we can gather more details about this update.
Perhaps this is Firefox's way of nudging developers to use more of the HTML5 specific tags, like the video tag. Are we going to find some of our other legacy tags disappearing in the near future? What say you?
Browser Bugs, HTML5
by Kirk Solar | 9/10/2010 4:25pm | Comments (1)
by Kirk Solar | 9/10/2010 4:25pm | Comments (1)
It appears Firefox has decided to strip out all non-standard HTML tags as well. And while I can't use the "mark" tag as an example because it's a valid tag, I'll use my co-worker's name. If you used javascript to insert the following code into an RTE:
some text
Firefox would strip out the tags and only insert "some text".
All that to say, Firefox doesn't like the "dave" tag!
Left by Mark Neidlinger | Sep 10, 2010