Skip to page content

Widgets, Plugins and Other Embedded Code

Web Services is always on the lookout for upcoming technology and trends that will be useful to you and your constituents. That is the main reason why the Tarleton website is going through a conversion to responsive/squishy design. With these changes, unstable and unreliable code must be removed from the website to ensure your constituents' safety, our security, and everyone's accessibility to your content.

Consulting with Web Services on any project, including widgets, applications, plugins or other embedded code, allows us to keep your message clear to your constituents, assist you with your specific goals in the most strategic manner, and keep Tarleton in compliance with all federal, state and local laws, regulations and guidelines. No code will be embedded without full investigation by Web Services to ensure these are all met.

Flash "Widgets"

Adobe Flash has an end-of-life date in 2020, which means all content displayed through the Adobe Flash Player must be transferred into an alternative solution as soon as possible to be sustainable on our website. The Flash Player itself is inaccessible (WebAIM's Creating Accessible Flash Content) blocked or turned off on many devices and browsers already (Engadget's Firefox now blocks Flash automatically), so much of our audience is not being served the content currently on our website in Flash form.

Speak with your vendors or potential vendors regarding if they use Flash and if they are converting to HTML 5 solutions in the very near future. Due to their lack of security, accessibility, and compatibility, University Web Services will not approve any Flash-based products for embedding on the new responsive web templates which adhere to current laws, guidelines, and regulations. Please contact Web Services about alternative solutions.

How do you know it is a Flash widget?

If you right-click on the widget in your browser, and it shows a menu option "About Adobe Flash Player [version]", that is a Flash widget.

Untransferable products and services

The following is a short list of examples that will not be transferable, along with any Tarleton-made Flash widgets:

Many other products and services have failed the vetting process by Web Services including:

  • Prezi presentations
  • Photobucket, Flickr, and other photo (and music) slideshows or galleries
  • Music or audio players
  • Online form software
  • Calendar/events solutions
  • Clocks and countdowns
  • Chat room software
  • Flipbooks

Some solutions for these are under investigation for product improvements while others have been vetted, purchased, and in the process of implementation. For example, we currently have in place university-wide solutions for calendars, events, online forms, and slideshows. Contact Web Services for consultation regarding any solution you desire or want vetted for implementation on the Tarleton website.

Social Media Widgets

Before Web Services even considered a redesign of the Tarleton website to be responsive/squishy, social media widgets, including social media feeds, were already causing instability issues on the old templates. Originally, Web Services could pull the content (via a feed file) and style it with our Tarleton colors, etc., however, these larger social media outlets have been wary of their competition using their platforms to promote their competing products, and they decided they wanted to control the entire look and feel of their platforms to direct their users to their own service (see how Instagram stopped showing previews of their photos on Twitter to increase viewership on their own platform or the Periscope vs. Meerkat showdown).

With their insistence on using proprietary code for the look and feel, you are at their mercy at all times, given few customization options.

Web Services attempted before to fix issues. For example, the Facebook feed widget would appear oddly outside the template's layout a few times throughout the year. Web Services tweaked the code to fit it back in the boundaries and display at the right text size, but as soon as Facebook fixed the widget, the temporary code fix broke the widget again. Web Services would have to go to every single webpage that had the Facebook widget, and fix each and every one across the Tarleton website essentially twice.

If your page is not working correctly because of the social media feed, Web Services' hands are tied during that time the vendor is working on the fix while your page looks broken and unprofessional. 

Given the instability of their code, Web Services has discouraged new requests for embedded social media widgets and will not be moving them to the redesigned site unless Web Services can find a proper alternative. Given the lack of support for customization of widgets from these social media outlets, Web Services is not hopeful for solutions at this time but nevertheless is on the lookout. You are still allowed to link to your social media pages per the social media guidelines.

The following is a short list of examples of social media widgets that will not be transferable until proper alternatives are found:

  • Social media feed, follow, like, etc. widgets
  • Social media mass share widgets (e.g. AddThis, ShareThis)
  • Comment/discussion widgets
  • Ratings widgets

Tracking Code

Web Services uses Google Tag Manager tracking code to help you determine what is working on your website, what your constituents are interested in, and what needs improvement or removal due to lack of interest from your target audiences. We consult with you based on university, department, and program goals and your constituents' needs when accessing website content. However, when additional tracking code combines with our code, our analytical data gets skewed (e.g. duplication or removal of important information), so Web Services cannot provide proper consultation service to you.

Typically, tracking code (like Google Analytics) is hidden from sight when your constituents view a website. This is good because you don't necessarily want people to see those pageview numbers which only tell a partial story about the page's usage anyway. Some might interpret them as good while others might think they are bad. But what you don't know is that hackers can see these embedded code snippets and exploit their security flaws to hack our website. One of the many approaches they use is "injection". In this scenario, they don't have access to Cascade Server or the web server itself to make changes to our webpages, but they can view the code of our website, find a backdoor in any weak programming, and inject malicious code onto our webpages and server. Flash widgets are what we typically hear about having these flaws, but any code has the potential to create security leaks.