Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


The Eolas Patent: Don't Be a Victim : Page 2

Even if you're all for sticking it to Microsoft, you'd better keep a close eye on the Eolas case. If Eolas is allowed to enforce this patent, Microsoft won't be the only one paying: Web developers and Web consumers will pay a dear price, and Eolas has even more in store.




Application Security Testing: An Integral Part of DevOps

You can (and should) read the "techniques suggested by Microsoft" mentioned earlier (see the document "Changes to the Default Handling of ActiveX Controls by Internet Explorer") because there are workarounds—ways you can change your HTML and server responses to avoid the prompt dialog.

In a nutshell, the "Changes" document explains how IE determines when to display the prompt, and describes methods that you can use to avoid the prompt. Basically, you can use ActiveX controls when they either don't have any child <param> tags, or when those child <param> tags don't reference any external content via a URI.

When a control does access external data, you can load the control via a script placed in an external file, not in the main page, useable via a function called from the main page. That script uses the document.write() method and/or the innerHTML property of <div> or <span> tags to create the <object> tag dynamically and set its properties. You can also defeat the prompt by adding the new attribute NOEXTERNALDATA="true" to the <object> tag itself. Adding the attribute informs IE that it's "safe" to use the embedded object—but also prevents the embedded object from using any <param> tag that references an external URI. Finally, you can sometimes replace <param> tags that reference external URIs by using the DATA attribute, using base64-encoded data, or supplying the base64-encoded data via the VALUE attribute of a <param> tag.

Obviously, having to change the content of the enormous number of pages that do use <object> tags is going to be both expensive and time-consuming. Further, it's highly likely that users will upgrade to the newer IE version (and thus see the prompt) far more rapidly than developers can change their HTML pages. This lag means that some users will have to get used to clicking the OK button to get rid of the prompt, and others will change their settings to avoid the prompt (and probably the content) altogether.

Outrage and Intellectual Extortion
When Microsoft announced these changes, it produced a flurry of outrage among Web developers, particularly those who create embedded content, such as the Flash community. Many feel that, having lost the lawsuit, Microsoft should have purchased a license from Eolas, rather than making changes to the browser that force developers to modify their pages.

Eolas supposedly made an offer to issue such a license, but there's no official confirmation or acknowledgement of that offer from Microsoft—and rightly so. This patent should never have been issued. That it was issued only underscores how little the Patent Office understands the process of creating software, or how similar the idea of interacting with remote content via the Web is to interacting with content stored locally (which the patent does not cover). In other words, Doyle and the UC didn't patent the idea of embedding content, they just patented the process of using such embedded content when it's delivered from a remote location. That was hardly a distinctive idea, even in 1993.

While such derivative ideas may be patentable, and (as shown by this lawsuit) legally enforceable, using the court system to enforce such patents amounts to legal blackmail, not patent protection. That's especially true when the target is only one among many companies actively engaged in infringement. In other words, Eolas hasn't yet objected to any other company infringing on their patent rights, only the one with the most cash.

Fortunately, despite the loss of goodwill from developers, and despite the court ruling forcing it to pay damages, Microsoft has resisted this intellectual extortion, and has implemented changes that circumvent the patent rather than taking the easy route and caving in to Eolas' demands.

A Call to Vigilance
The fact that this patent was ever issued is ipso facto proof that developers should be extremely vigilant about preventing such patents in the future, perhaps via letter-writing campaigns, or by creating an organization dedicated to watching for overly broad patent applications that, if granted, would have an adverse effect on development. Lest you think that this call to vigilance is overblown you should peruse the other patents that Eolas may try to enforce in the future.

A. Russell Jones is the Executive Editor at DevX. Reach him via email.
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date