Support Forums: Message List - But most of all samy is my hero http://www.theserverside.com Most recent forum messages en Jive Forums Silver 5.5.30 (www.jivesoftware.com) Sat, 18 May 2013 03:42:03 -0400 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201 Tue, 25 Oct 2005 11:23:43 -0400 Tue, 25 Oct 2005 11:23:43 -0400 Tue, 25 Oct 2005 11:23:43 -0400 Oct 25, 2005 Erik Gulliksen 0 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201
Experience points to flash 7 penetration much closer to 50% on current business PCs.

Jeff]]> Mon, 24 Oct 2005 18:19:21 -0400 Mon, 24 Oct 2005 18:19:21 -0400 Mon, 24 Oct 2005 18:19:21 -0400 Oct 24, 2005 Jeff Dill 1 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201
Yes, but I have a feeling that this is a bit of a red herring. Quite a few people have flash installed on their PCs, and it does not seem to be very difficult to download and install flash if needed.

However, the point that Dr....]]> Mon, 24 Oct 2005 13:41:31 -0400 Mon, 24 Oct 2005 13:41:31 -0400 Mon, 24 Oct 2005 13:41:31 -0400 Oct 24, 2005 Henrik Pettersen 0 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201 Do you have any references?I would be surprised to see a solid independent study that puts flash 7 penetration above 60% on business desktops.
There are tons of them. And its *way* above 60%. Especially when you're only...]]> Sat, 22 Oct 2005 10:53:23 -0400 Sat, 22 Oct 2005 10:53:23 -0400 Sat, 22 Oct 2005 10:53:23 -0400 Oct 22, 2005 David Wolf 3 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201
I think you will find from several independant third party analysis that extreemly recent flash players have a penetration well over 90%.
Do you have any references?
 Sat, 22 Oct 2005 06:36:28 -0400 Sat, 22 Oct 2005 06:36:28 -0400 Sat, 22 Oct 2005 06:36:28 -0400 Oct 22, 2005 Victor C. 0 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201 I think you will find from several independant third party analysis that extreemly recent flash players have a penetration well over 90%.

Do you have any references?

I would be surprised to see a solid independent...]]> Fri, 21 Oct 2005 19:26:36 -0400 Fri, 21 Oct 2005 19:26:36 -0400 Fri, 21 Oct 2005 19:26:36 -0400 Oct 21, 2005 Jeff Dill 5 But most of all samy is my hero http://www.theserverside.com/discussions/thread.tss?thread_id=37201 I'm a big fan of Java Web Start for Web 2.0 applications. Can you point me to any data that shows the current trend for adoption of JWS as a deplopment choice?

Mostly anecdotal, ex
 Fri, 21 Oct 2005 17:10:53 -0400 Fri, 21 Oct 2005 17:10:53 -0400 Fri, 21 Oct 2005 17:10:53 -0400 Oct 21, 2005 Victor C. 0 But most of all samy is my hero http://www.theserverside.com/discussions/thread.tss?thread_id=37201 Ajax is not secure, not maitaniable, etc. It does not add anything new.Just a fad, no worries.Maybe try Flash... or JDNC for real RiA / Web 2.0..Vhttp://roomity.com has latest tech news - RiA,...]]> Fri, 21 Oct 2005 11:29:48 -0400 Fri, 21 Oct 2005 11:29:48 -0400 Fri, 21 Oct 2005 11:29:48 -0400 Oct 21, 2005 Ed Burns 1 Don't blame the browser http://www.theserverside.com/discussions/thread.tss?thread_id=37201 Use a HTML parser, normalize the HTML, throw out tags <script>, javascript: etc. etc.

If you don't do this, don't expect the browser to save you.]]> Fri, 21 Oct 2005 05:21:54 -0400 Fri, 21 Oct 2005 05:21:54 -0400 Fri, 21 Oct 2005 05:21:54 -0400 Oct 21, 2005 Jochen Bedersdorfer 0 But most of all samy is my hero http://www.theserverside.com/discussions/thread.tss?thread_id=37201 And then all Samy would have to do was start his post with a closing </DIV> tag and end it with a new <DIV SECURITY=...> tag and viola, his code is outside of these tags.
What if we were able to disble javascript...]]> Fri, 21 Oct 2005 02:40:50 -0400 Fri, 21 Oct 2005 02:40:50 -0400 Fri, 21 Oct 2005 02:40:50 -0400 Oct 21, 2005 Reg Whitton 0 Why we need HTML for real RiA http://www.theserverside.com/discussions/thread.tss?thread_id=37201 A minority of clients have a recent flash player. Even fewer have a JVM.
Far from true. I think you will find from several independant third party analysis that extreemly recent flash players have a penetration well over...]]> Fri, 21 Oct 2005 00:47:12 -0400 Fri, 21 Oct 2005 00:47:12 -0400 Fri, 21 Oct 2005 00:47:12 -0400 Oct 21, 2005 David Wolf 6 I didn't get it.... http://www.theserverside.com/discussions/thread.tss?thread_id=37201
<div SECURITY="">&amp;nbsp;&amp;nbsp;&amp;nbsp;paste content here</div>if the pasted content is valid XHTML, it cannot start with a close tag.
Sorry, but I think you did not understand...]]> Thu, 20 Oct 2005 19:03:49 -0400 Thu, 20 Oct 2005 19:03:49 -0400 Thu, 20 Oct 2005 19:03:49 -0400 Oct 20, 2005 Alexandre Poitras 0 TCP/IP is not secure, what else is new? http://www.theserverside.com/discussions/thread.tss?thread_id=37201
We can try to mitigate the impact, but ultimately, nothing...]]> Thu, 20 Oct 2005 18:49:54 -0400 Thu, 20 Oct 2005 18:49:54 -0400 Thu, 20 Oct 2005 18:49:54 -0400 Oct 20, 2005 Jack Russel 0 You didn't get it http://www.theserverside.com/discussions/thread.tss?thread_id=37201 <div SECURITY="">&nbsp;&nbsp;&nbsp;paste content here</div>if the pasted content is valid XHTML, it cannot start with a close tag.
Sorry, but I think you did not understand Preston's...]]> Thu, 20 Oct 2005 18:49:19 -0400 Thu, 20 Oct 2005 18:49:19 -0400 Thu, 20 Oct 2005 18:49:19 -0400 Oct 20, 2005 Alexandre Poitras 1 Wouldn't this work to prevent such attacks? http://www.theserverside.com/discussions/thread.tss?thread_id=37201 Can't you just invent your own markup for your site users to use and only translate those entities to HTML when rendering the page?That way any illegal script would just be rendered in plain text.Like [b] would become <b>...]]> Thu, 20 Oct 2005 18:07:15 -0400 Thu, 20 Oct 2005 18:07:15 -0400 Thu, 20 Oct 2005 18:07:15 -0400 Oct 20, 2005 Frank Bolander 0