I just found out that Renderosity is not going to allow use of this on storefronts due to certain past exploits on browser vulnerabilities. I, for one, feel the programmer's are just a little paranoid about this since the past, discovered, exploits using IFRAME have described the potential threat at the local level. I don't have the slightest idea why, we as merchants, would attack our clients especially when the IP address of the executable source code would be resolvable through this exploit. In other words, it would be known just where the attack came from. The other issue is that the vulnerability is not with the IFRAME extended markup but with unpatched vulnerabilities in browsers and email clients (which are many and not just exclusive to IFRAME as we all know). There have been several similar exploits using FLASH, which is allowed in banner ads here as well. FLASH is actually more vulnerable to a boatload of exploits since it contains code to begin with, whereas IFRAME does not. The security threat comes from a MIME exploit in some browsers and email clients which can allow a malicious designer to execute code inside an IFRAME. This threat is more prevelant with email clients since many will view HTML documents and if vulnerable to the exploit may allow the code to be executed without the user having to open an attachment. However, it requires that the designer to be malicious to begin with. So, if I were to be malicious toward my clients, I could think up hundreds of ways in which to do this through my storefront. It's, however, ludicrous to think that I would even concieve of doing that to my customers. However this isn't my web site, so I'll leave it up to Rendo to decide what is and isn't allowed. However, for many of us who wish to give our customers more imagery of our products in detail (without loading them all to one page), I'd suggest we all voice our opinions on changing the upload page to allow for image popups (that are sized to the image and do not open a full browser window replete with toolbars etc!). Since Rendo, does take half of our sales, I think the least they could do is offer us this. They could still allow for the images to be stored remotely, but just allow us to have the option of having them in a popup (not a new browser window).