|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Hotmail security hole - injecting JavaScript using <IMG
Subject: Re: Hotmail security hole - injecting JavaScript using
On Tue, 04 Jan 2000, Kevin Hecht wrote:
Netscape actually tries to parse the value returned by the script, so if your
What could be useful would be a tag working like
</blockscript key=samepieceofdata>
anything between these tags would still get parsed as HTML, but with no script
Just dreaming,
This archive was generated by hypermail 2b27
: Wed Jan 05 2000 - 13:32:36 CST
YAHOO.COM)
Date: Wed Jan 05 2000 - 04:37:49 CST
RIB.DE: "Re: Hotmail security hole - injecting JavaScript using <IMG"
> While Hotmail obviously has a filtering hole, should the browser
> manufacturers be on the hook here as well, given that javascript: URLs
> probably shouldn't be rendered at all by the <IMG> tag? While a
> JavaScript script may load an image on its own, I don't see why the
> script itself should be loaded and parsed from an <IMG> tag.
script returns, for example, a valid XPM string, you'll get that image
displayed.
<blockscript key=randompieceofdata>
hook working.
That way, filtering scripts out of untrusted HTML would become the browser
manufacturers responbility, and things would be a lot easier for everyone else.
Henri Torgemane
RIB.DE: "Re: Hotmail security hole - injecting JavaScript using <IMG"