Support Forum

sp_Search Search
Advanced Search
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Search Search
general-topic
iframes Disallowed
Avatar
Ryan Collins
Member
Free Members
sp_UserOfflineSmall Offline
Go to Top
Apr 15, 2014 - 8:47 am

Hey guys,

Is it possible to allow iframes in Simpe Press posts?

I moved to a new host, so I am not sure if this is a setting within Simple Press...or if it has something to do with my new server settings.

Thanks as always

Image Enlarger

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
sp_UserWebsite sp_Twitter sp_Facebook sp_GooglePlus
Go to Top
Apr 15, 2014 - 9:41 am

allowing iframes is a pretty big security risk in the forum... keep in mind that anyone who can post, can add an iframe and is a potential XSS issue...  and not really sure why you need one - can you elaborate?  the most common is for video posting but with wp oembed, they are not needed...  but, if really needed and you trust all posters on your site, we can give you a filter that allows it to happen... just want to check use case and make sure you understand risk first...

Avatar
Ryan Collins
Member
Free Members
sp_UserOfflineSmall Offline
Go to Top
Apr 15, 2014 - 1:55 pm

Ah OK well I will not allow iFrames then, so no worries there.

I was basically just stumped as to why I couldn't post a video. I tried inserting a link to a vimeo video but I kept getting the "no iframes" error message.

I wasn't aware of wp oembed - is it simple and easy for my users to post videos using that method?

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
sp_UserWebsite sp_Twitter sp_Facebook sp_GooglePlus
Go to Top
Apr 15, 2014 - 9:40 pm

with wp oembed, all you do is paste in the url to the video.. boom, it handles everything else... the provider of course must support the oembed standard (its not a wp thing) and all the big ones do...

Avatar
Yellow Swordfish
Glinton, England
SP Master
sp_UserOfflineSmall Offline
Go to Top
Apr 16, 2014 - 3:33 am

...and while we quite seriously do not recommend it it is possible to turn iframes on posts - which Steve seems to have forgotten! It was added as a permission that can be turned on but it really is at your own risk. Using the oembed technique is far, far more secure.

andy-signature.png
YELLOW
SWORDFISH
Avatar
Ryan Collins
Member
Free Members
sp_UserOfflineSmall Offline
Go to Top
Apr 16, 2014 - 8:26 am

Sounds great - thanks a lot for the prompt assistance!

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
sp_UserWebsite sp_Twitter sp_Facebook sp_GooglePlus
Go to Top
Apr 16, 2014 - 9:47 am

forgotten? nah, even alluded to it... but wanted to make sure the risks were understood first... ;)

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
sp_UserWebsite sp_Twitter sp_Facebook sp_GooglePlus
Go to Top
Apr 16, 2014 - 9:47 am

forgotten? nah, even alluded to it... but wanted to make sure the risks were understood first... ;)

sp_Feed All RSS
Go to top
Forum Timezone: Europe/Stockholm
Most Users Ever Online: 1170
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Mr Papa: 19448
Ike: 2086
Brandon: 864
kvr28: 804
jim: 650
FidoSysop: 577
Conrad_Farlow: 531
fiddlerman: 358
Stefano Prete: 325
Member Stats:
Guest Posters: 617
Members: 17359
Moderators: 0
Admins: 4
Forum Stats:
Groups: 7
Forums: 17
Topics: 10125
Posts: 79620