Subject: RE: data protocol: was RE: node-setting() escaped text
From: "Marty McKeever" <marty.mckeever@xxxxxxxxxx>
Date: Thu, 13 Feb 2003 11:22:00 -0500
Yeah, there was a nice security issue on this one, allowing you to read other
people's cookies. Something along the lines of
about:www.yahoo.com<script>alert(document.cookies)</script>
would fool IE into thinking that the result was a document on the yahoo.com
domain and therefore safe to read/write Yahoo's cookies.
> -----Original Message-----
> From: owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> [mailto:owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx]On Behalf Of Américo
> Albuquerque
> Sent: Thursday, February 13, 2003 9:58 AM
> To: xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> Subject: RE: data protocol: was RE: node-setting() escaped text
>
>
> Hi Bryan
> You can do something like that in IE.
> Try:
> about:<html code>
>
> Try writing this in an HTML page :)
>
> Link: <a href="about:<p><b>Teste</b></p>" target=_new>Click
> here</a>.<br>
> Link: <a href="about:<b>hello</b><br/><p
> onclick=javascript:window.open('http://www.xml.com')>hello</p>"
> target=_new>Click here</a>.<br>
> Link: <a
> href="about:<script>location.href='http://www.xml.com';</script>"
> target=_new>Click here</a>
>
>
> -----Original Message-----
> From: owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> [mailto:owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of bryan
> Sent: Thursday, February 13, 2003 2:22 PM
> To: xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> Subject: data protocol: was RE: node-setting() escaped text
>
>
> >data:text/html,<b>hello</b>
> >into netscape's location bar)
>
> Why do I think this is a security problem? Hmm
> data:text/html,<b>hello</b><br/><p
> onclick="javascript:window.open('http://www.xml.com')">hello</p>
>
> Anyway, it's interesting that it wasn't done as an app, asynchronous
> pluggable protocol; if it were, then one could launch Mozilla from within
> IE by calling the protocol. On the other hand, as it wasn't, this opens
> the way up for an IE implementation. In fact it wouldn't be difficult at
> all, of course as IE has enough security bugs...
>
>
>
> XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
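
A defensive check for the link shapes quoted in this thread, as an added example that is not part of the original messages: it lists every href in an HTML fragment whose scheme is outside an allow-list, so about: and data: links that carry inline markup are caught. The function names, the allow-list contents and the sample input are assumptions made for illustration.

```javascript
// Added example: flag hrefs whose scheme is not on an allow-list.
// Assumption: only http, https and mailto links are wanted in untrusted HTML.
const SAFE_SCHEMES = new Set(["http", "https", "mailto"]);

// Return the lower-cased scheme of an href, or null for a relative reference.
// Browsers strip leading/trailing control characters and spaces and drop
// tab/CR/LF anywhere in a URL before parsing it, so do the same here;
// otherwise " \tabout:" or "java\nscript:" would slip past a naive prefix test.
function hrefScheme(href) {
  const cleaned = href
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, "")
    .replace(/[\t\r\n]/g, "");
  const m = /^([a-zA-Z][a-zA-Z0-9+.\-]*):/.exec(cleaned);
  return m ? m[1].toLowerCase() : null;
}

// Collect every href in an HTML fragment whose scheme is not allow-listed.
// Quoted values are matched up to the closing quote, so markup embedded in
// the URL (as in the about: links) stays part of the reported value.
function auditLinks(html) {
  const findings = [];
  const re = /\bhref\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    const value = m[1] ?? m[2] ?? m[3];
    const scheme = hrefScheme(value);
    if (scheme !== null && !SAFE_SCHEMES.has(scheme)) {
      findings.push({ scheme, href: value });
    }
  }
  return findings;
}

// Constructed sample: link shapes from this thread plus ordinary links.
const sample = `
<a href="about:<p><b>Teste</b></p>" target=_new>Click here</a>
<a href="data:text/html,<b>hello</b>">hello</a>
<a href=" \tAbOuT:<b>x</b>">padded, mixed case</a>
<a href="http://www.xml.com">ok</a>
<a href="/xsl/xsl-list">relative</a>`;

console.log(auditLinks(sample));
```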