Anyone can embed my forum or their posts in any blog or site ?

I perceived that anyone, same not registered or only as anonymous visitor, can have access to embed code and embed a topic of a Nabble forum inside any site or blog. And with this, embed the full forum in these sites or blogs. Without our knowledge or permission.

I don't know if it is a good idea. I changed the code of macro menu_embed_post to fix this issue:

original:

dropdown.add('embedPost<n.id/>', '<n.javascript_string_encode.embed_post_link/>');

modified:

<!-- dropdown.add('embedPost<n.id/>', '<n.javascript_string_encode.embed_post_link/>'); --> 

 
I did here because this macro is called by topic_dropdown and root_post_dropdown.

The option to embed code will be present only on first page of forum and if you are Admin.

You must have made some modification to your forum for someone who is not an administrator to see the embedding options item on the menu. It does not happen as standard.

Having said that the format for the embedding code is completely standard and anyone familiar with Nabble can work out what the code for any forum is by emaming the permalink of the forum root.

You must have made some modification to your forum for someone who is not an administrator to see the embedding options item on the menu. It does not happen as standard.

Nope, Greg. I didn't.

I wasn't logged in support Nabble and I got the lines:

<a id="nabblelink" href="http://support.nabble.com/Anyone-can-embed-my-forum-or-their-posts-in-any-blog-or-site-tp7591565.html">Anyone can embed my forum or their posts in any blog or site ?</a>
<script src="http://support.nabble.com/embed/p7591565"></script>

With these lines I can publish this topic embed in any place, with plain functions. In other words, I can navigate to main page or any other page exactly as if I was with the address of the forum in my browser.

This issue isn't a security question. But I feel bad with the possibility of anyone publish my forum in any place. Despite it has some good return spreading my work.

My forum is  scientific. I will not like to hear that it is inside of a porno site, working with full functions, only because some one found it pretty.  

Apologies! I had not read your post properly.

You are right!

Something has changed on Nabble. It appears to be system wide, and, like you, it doesn't seem quite right to me.

On any forum a Topic "Options" menu now has an "embed post" option on the menu.

This doesn't see right on a number of counts. Surely if it was just the post that was being embedded it should be on the "More" menu, or it should be "Embed Topic", but there is also the more general point you make, shouldn't only Administrators see this option.