414
Hide OBJECT tag
Activate this switch to defang the tag "<object>". This tag is used to e.g. execute Java
Applets, ActiveX controls and plugins.
14.7.3-D
Tag filter whitelist
Permitted applications
With "Trusted servers (incl. subdomains)" on tab "General" you can disable filtering
for specific servers. The list "Permitted applications" in contrast allows you to permit
specific applications. How an application is identified depends on the HTML tag used
to include it. You will have to examine the HTML source of the web page to find the
required values for whitelisting an application.
Keep in mind that the tag filter replaces the first letter of a filtered
tag by an exclamation mark. To find filtered object, embed or
applet tags, you will have to look for "!bject", "!mbed" or "!pplet",
respectively.
You can append the following values to the list:
Class IDs
Class IDs can be found in object tags' "classid" attributes. It consists of the string
"clsid:" followed by a structured combination of digits and letters. The following
example is used to include Adobe Flash:
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000">
.
To
accept
this
application,
add
"clsid:d27cdb6e-
ae6d-11cf-96b8-444553540000" to the list.
If the object tag also contains a "type" attribute, its value
has to be added, too (see content type below).
Content type
Content types are given in the "type" attribute of object and embed tags. Examples
are
<object type="application/x-shockwave-flash">
and
<embed type="application/x-shockwave-flash">
. To accept both cases, "application/x-shockwave-flash" must be included in the
list.