Topic: Unscientific Poll (Page 1 of 1)

We spend time designing for Nav 4 but is anyone still using it? I know the stat pages say all sorts of things but would like to know from real people.. Are you or is anyone you know..using Nav4.It is probably good exercise in desiging to design for an older browser.. I know there are many people on 800x600 rez and that is a must to consider in good design but what about Nav4..anyone?

skyetyger: Its probably also an unrepresentative poll too as I would expect a lower percentage of NS4.x users here.

I presume this is about IFRAMEs: www.gurusnetwork.com/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=16&t=000037

and related matters which is a whole different kettle of fish - I won't even go into the fact that people may start disabling them (I got hit be a site downloading a virus directly onto my hard disk the other day - I knew it was possible, thanks to links InI has suppied in the past, but it was still a suprise. No harm done though).

Emps


With patience and saliva the ant swallows the elephant - Colombian proverb

there is some guy known as Vogon Poet ...

Emp: I really am curious about the Nav4.. Disable what is not clear in your post.. I did get a virus just opening a page once.. it was server side and my Mcaffee caught it ..but it was on the page.. I notified the web page owner and deleted the file, no harm done..that was a while ago...

It is good design practice and I learn from designing for Nav4 but at some point it is going to be obsolete and as all the designers and java script writers spend valuable time designing for Nav4 and worrying about Nav4.. it may need to be discussed... I don't know.. I am just curious and it seemed a good idea to bring it out here.. Please clarify what you mean by disable and virus?.. I didn't understand that...

skyetyger: I wasn't saying it wasn't an important issue - its vital and perhaps this kind of discussion needs to be in another thread so as not to distract from your poll (I was jumping the gun with my IFRAME question). The whole 'How long should I continue supporting old browsers?' debate is still a lively one.

InI is probably the best person to talk about this (the information he has has been very enlightening) but IFRAMEs can be used to download and run various nasty things and this kind of attack will increase. It is also possible to disable IFRAMEs so that this kind of thing can't take place (I've read security experts say you should do that as well as switch off things like JavaScript). Possibly only for the paranoid but something that people need to bear in mind if they use IFRAMEs.

Have a nose around: www.guninski.com/browsers.html

GRUMBLE: Careful he may hear you!!

Emps


With patience and saliva the ant swallows the elephant - Colombian proverb

O..Thank you.. I didn't know that about Iframes..

There are many Iframes now.. Is it the page maker who would load the nasty or would a third or anonymous party be able to use, for instance., a frame on your site, without you knowing.. if they did not have direct access to the server and ftp? Oris it a window of opportunity for "floating" virus's as you say IE introduced it? As virus's are always possible.. a trusted site with frames would still be trusted, yes?

skyetyger: I think someone like InI can probably answer your questions better on this as the fundamentals are a little beyond me. However, there is only one type of IFRAME and it can be used for Good or Evil (like most things) and at the moment the evil use of IFRAMEs is very rare indeed.

Emps

Status on the good use Emps?

Weadah: Good use is stable and holding, although very rare, there does appear to be a current vogue for using it for its own sake which places most uses in the grey area of neither good nor evil or necessary!!

Emps

Hi.
On the browser-part...
I'd say it totally depends on the sites purpose and targetgroup.
If you are designing a commercial site meant for the general public, you have an obligation to the client to fulfill the clients requirement specification, these will on the browser issue in 99% of all cases be this: "The site should be accessible and fully usable in all browsers (possibly insert version 4+ here) on all platforms, including Mac."

In effect this means that you stay away from elements that can't be reproduced in a reliable way in the enviroments the spec states.

You may or may not agree that this is right, or even sensible requirements, you can back this up with all the stats you can possibly dig up, but it's still the clients call to make. They will probably (hopefully) know their targetgroup and have made this desicion based on getting max return from all visitors.

If you on the other hand want to target those who want to buy great webdesign, I'd say, let all browsers into the site, give them the main content then you can exclude mac, or opera, or ns as you please to demonstrate what can be done.

In short, lot's of companies still have a heritage of netscrape 4 as default browser installation for no other reason that lack of time to upgrade, or policy. Don't exclude the desicionmakers in those companies from wiewing your site... For personal sites, I don't care, I prefer full crossbrowser incl NS, but that's me.


On the iframe... I've experimented with this both on the web and in mails to see what it can and can't do (we had alittle bet a co-worker and me whether I could get into his personal pc).

Quite simple, if the mail reciever or visitor have low enough settings in their office enviroment or in the browser (macros and active-x mainly) Some one can get into the core of the machine and do whatever they want (on winblows of course) using the iframes external src.
So, it's definatley a potential risk! Make sure first of all that all your office-products alert you if there is macros in the document, make sure that all active-x components ask before running, and of course, as on ALL downloading of files.
Now this will not close all and every hole associated whith this, but it's the least you should do.

/Dan


-{ a vibration is a movement that doesn't know which way to go }-

It is still unclear to me who is controlling the Iframe..can my computer be accessed through a frame on my site or is it a frame I open on your page or in a mail sent by you or both?

I found this..it is dated Dec 2001 and I am not certain if addresses this but it is worthwhile to take a moment to download if you have IE5 or IE6 as it is a security patch from Microsoft.

http://www.microsoft.com/windows/ie/downloads/critical/q313675/default.asp

It's like this, I put an i-frame on my site or in a html-mail, as src for that i-frame I put a file, a word document or something else, as you surf to that page or open the mail, it's just like you point your browser to that file/whatever. The nasty thing in a mail, is that you can send a file to someone without them seeing it as an attachment, if you are running outlook and accept html-mail, you are downloading it automatically if your security settings are too low.
That's about it.
/Dan


-{ a vibration is a movement that doesn't know which way to go }-

I see..you stated that so simply I could do it.. but what I would do to any virus sender I caught would be a bit strange to have to do to myself and I would catch me as I can't run away from myself so very fast..... so I won't do it, Thanks for the information.. if I can understand it anyone can...I reviewed my security on my computer and it is reasonable without being paranoid to the point of not being able to access anything but the approved shopping sites.. Always find out the most interesting things here, yes indeedy!

Just to put things in perspective, *I* still use Netscape 4.72 on my Macintosh, I use it quite a lot actually. The pathetic version of IE5 that Microsoft produced for Macs truly sucks, it's ugly, and introduces a whole range of new bugs and things to 'code around', hrmph. Mozilla/gecko looks cool, but damn! It's slow. I'd love to abandon Netscape finally but it still is the best option I have. (And it's javascript processing (at least on the mac) is one of the fastest I've ever seen, on par with IE for windows.

Your pal, -doc-

The poster has demanded we remove all his contributions, less he takes legal action.
We have done so.
Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future.
Don't follow his example - seek real life help first.

InI: Thanks for clarifying all that one point:

quote:

---

Sick and stupid people can use them in rare occasions, on f*d up websites.
(up to you to avoid those websites, they're rare).

---

When I was 'attacked' the site was quite an ordinary POVRay site - I don't know if I caught the owner playing with fire or what but it was a nasty suprise!!

Emps

The poster has demanded we remove all his contributions, less he takes legal action.
We have done so.
Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future.
Don't follow his example - seek real life help first.

The poster has demanded we remove all his contributions, less he takes legal action.
We have done so.
Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future.
Don't follow his example - seek real life help first.