robmoffat

Awesome answer thanks!

I’m pretty sure you’re aware of the difference between me asking “what is the point of feature X?” and “why is feature X implemented in a given way?”. So, I’ll just read your flippancy as that you don’t know.

Does anyone else have an insight into this design decision? It seems to me a choice of quickest-to-implement over best, but the whole reason I am asking is that I may well be missing some of the finer detail on it.

Hi Mika,

Actually, that wasn’t my question, but thanks for attempting an answer.

What I am asking is this: there are clearly two different approaches to securing oEmbed, the whitelist approach (which wordpress uses) and the iframe approach (as detailed on the oEmbed.com site). Why has WordPress chosen the former?

From my limited understanding, it seems a weaker solution to me as it requires the maintenance of the whitelist, but I expect I am missing something.

thanks,

Rob

Anyone from Polldaddy have any thoughts about this?

Yeah I have the same problem

bing bong!

anybody home?