[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
- To: LC <full-disclosure@lists.netsys.com>
- Subject: Re: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity
- From: Dave Sherohman <esper@sherohman.org>
- Date: Thu, 11 Dec 2003 14:44:37 -0600
On Thu, Dec 11, 2003 at 10:36:41AM -0800, Jim Race wrote:
> Check that. With Moz 1.5:
>
> Opening in a new *TAB* takes one to MS. Clicking the link takes one to
> /. with "http://www.microsoft.com%01@slashdot.org/"; in the address bar.
>
> That's odd.
Not all that odd. Take a look at the source for that link:
<a href="http://www.microsoft.com";
onclick="location.href=unescape('http://www.microsoft.com%01@slashdot.org/');return
false;">
The link actually _is_ to microsoft initially, but the onclick
handler changes it to microsoft%01@slashdot. If you hit it without
triggering the onclick handler (say, by middle-clicking to open it in
a new tab), then going to microsoft is to be expected.
--
The freedoms that we enjoy presently are the most important victories of the
White Hats over the past several millennia, and it is vitally important that
we don't give them up now, only because we are frightened.
- Eolake Stobblehouse (http://stobblehouse.com/text/battle.html)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html