Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: A Popup! In Mozilla!
From: John Dowling <greyhatthe2nd () yahoo com>
Date: Wed, 21 Jul 2004 13:56:01 -0700 (PDT)

I disagree.

Initially, the image used in that popup actually comes
from a different server, but that's trivial.  What I
see as a bigger issue is that blocking the image from
the server leaves the user with an empty div block
covering the page, and blocking the site serving the
div content could essentially render the div
'uncloseable'.  Of course, this is more along the
lines of browseability, and does not seem to have any
very obvious security implications above and beyond
what can be served via a page without the annoying
<div>.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On
Behalf Of Charles Richmond
Sent: Wednesday, July 21, 2004 7:48 AM
To: Dave King
Cc: Full Disclosure; James Woodcock
Subject: Re: [Full-disclosure] A Popup! In Mozilla!

Add the following to adblock

        http://2-spyware.com/images/*

On Jul 21, 2004, at 1:44 AM, Dave King wrote:

This isn't a normal "popup" in that it doesn't open
a new browser 
window.  All they're doing is placing this great
animated gif  over 
the middle of the page using absolute positioning in
the DIV tag.  
Notice that it looks like an IE window even in
Firefox.  Really this 
is a sneaky trick that is pretty annoying.  I think
this type of ad 
placement is going to be hard to block since most of
the time absolute 
positioning images is just part of the normal page
and has nothing to 
do with ads, even though I guess at one time pop-ups
were used 
legitimately almost exclusively.  At least this page
seems to be 
thoughtful enough to only display the ad the first
time you visit it.  
Tricky little devils aren't they (and getting
trickier all the time).


                                                  
Charles Richmond

       Implemented Integrated Systems Corporation 
http://www.iisc.com
     O/S, I18N, Systems Development, Process and
Integration Providers
     cmr () iisc com   cmr () acm org   YIM:cmriisc 
http://www.iisc.com/cmr
            7B West St., Somerville, Ma. USA 02144 
(781) 389 9777

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.netsys.com/full-disclosure-charter.html



                
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault