diff --git a/app/models/site_setting.rb b/app/models/site_setting.rb
index ef2badb4437..48ada1966f7 100644
--- a/app/models/site_setting.rb
+++ b/app/models/site_setting.rb
@@ -169,6 +169,8 @@ class SiteSetting < ActiveRecord::Base
   setting(:s3_region, '', enum: 'S3RegionSiteSetting')
   setting(:s3_upload_bucket, '')
 
+  setting(:enable_flash_video_onebox, false)
+
   setting(:default_trust_level, 0)
   setting(:default_invitee_trust_level, 1)
 
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 330584bfa97..0ce8b508efa 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -566,6 +566,8 @@ en:
     s3_secret_access_key: "The Amazon S3 secret access key that will be used to upload images"
     s3_region: "The Amazon S3 region name that will be used to upload images"
 
+    enable_flash_video_onebox: "Enable embedding of swf and flv links in oneboxes (may introduce a security risk, caution advised)"
+
     default_invitee_trust_level: "Default trust level (0-4) for invited users"
     default_trust_level: "Default trust level (0-4) for users"
 
diff --git a/lib/oneboxer/flash_video_onebox.rb b/lib/oneboxer/flash_video_onebox.rb
index 18c5c26d9a5..96555b1d771 100644
--- a/lib/oneboxer/flash_video_onebox.rb
+++ b/lib/oneboxer/flash_video_onebox.rb
@@ -6,7 +6,11 @@ module Oneboxer
     matcher /^https?:\/\/.*\.(swf|flv)$/
 
     def onebox
-      "<object width='100%' height='100%'><param name='#{@url}' value='#{@url}'><embed src='#{@url}' width='100%' height='100%'></embed></object>"
+      if SiteSetting.enable_flash_video_onebox
+        "<object width='100%' height='100%'><param name='#{@url}' value='#{@url}'><embed src='#{@url}' width='100%' height='100%'></embed></object>"
+      else
+        "<a href='#{@url}'>#{@url}</a>"
+      end
     end
 
   end
diff --git a/spec/components/oneboxer/flash_video_onebox_spec.rb b/spec/components/oneboxer/flash_video_onebox_spec.rb
new file mode 100644
index 00000000000..4bedd740964
--- /dev/null
+++ b/spec/components/oneboxer/flash_video_onebox_spec.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+require 'oneboxer'
+require 'oneboxer/flash_video_onebox'
+
+describe Oneboxer::FlashVideoOnebox do
+  before do
+    @o = Oneboxer::FlashVideoOnebox.new('http://player.56.com/v_OTMyNTk1MzE.swf')
+  end
+
+  context "when SiteSetting.enable_flash_video_onebox is true" do
+    before do
+      SiteSetting.stubs(:enable_flash_video_onebox).returns(true)
+    end
+
+    it "generates a flash video" do
+      expect(@o.onebox).to match_html(
+        "<object width='100%' height='100%'><param name='http://player.56.com/v_OTMyNTk1MzE.swf' value='http://player.56.com/v_OTMyNTk1MzE.swf'><embed src='http://player.56.com/v_OTMyNTk1MzE.swf' width='100%' height='100%'></embed></object>" 
+      )
+    end
+  end
+
+  context "when SiteSetting.enable_flash_video_onebox is false" do
+    before do
+      SiteSetting.stubs(:enable_flash_video_onebox).returns(false)
+    end
+
+    it "generates a link" do
+      expect(@o.onebox).to match_html(
+        "<a href='http://player.56.com/v_OTMyNTk1MzE.swf'>http://player.56.com/v_OTMyNTk1MzE.swf</a>"
+      )
+    end
+  end
+end