Re: Adobe plugin security fixes reccommend proprietary EMBED

Let's not start a wild and long object vs embed / software patents 
thread ... but:

David Woolley wrote:
> On about Thursday last week, Adobe re-issued their SVG plugin with a
> number of serious security flaws fixed.
> 
> In connection with one of the (lesser) flaws, they said that people
> should use EMBED rather than OBJECT, and the wording suggested that it
> was their standard advice to use proprietary HTML with their plugin;
> there was no indication that EMBED was proprietory.  (The specific issue
> is that they can apparently sense the effect of the user's policy on
> scripting with EMBED, but not with OBJECT, so they have unconditionally
> disabled scripting with OBJECT.)

Yes, I think they should at least say that "embed" is not HTML = is 
non-standard (and AFAICS they could limit their recommendation to 
scripted SVG in IE).
Hopefully there soon will be a patch for IE addressing the issue (web 
page authors can't fix the bugs in IE, but MS can).

> (In respect of the last, I don't believe software patents create the
> innovation that is the justification for governments having patent
> laws.  In this case the innovation has been in ways of avoiding the
> patent, but which are generally detrimental to the web; they have not
> been in potentially better ways of achieving the same thing.)

Support http://swpat.ffii.org/ :)

Tobi

-- 
http://www.pinkjuice.com/

Received on Monday, 13 October 2003 04:58:20 UTC