>>11-12That's highly insecure, as there's no way whatsoever to confirm that an embedded object is non-malicious.