|
Full Disclosure
mailing list archives
Re: Trigerring Java code from a SVG image
From: Nicolas Grégoire <nicolas.gregoire () agarri fr>
Date: Wed, 16 May 2012 19:29:11 +0200
Uploading a SVG chameleon (SVG file triggering a XSLT
transformation) to a website allows to display nearly arbitrary
content if the file is called directly.
In order to demonstrate this point _and_ the weird Opera behavior, I put
online a SVG chameleon and a HTML file calling it via <img>:
http://www.agarri.fr/docs/svg2html.svg
http://www.agarri.fr/docs/svg2html.html
If the chameleon is called directly, Opera, Firefox and Webkit (IE
untested) execute the HTML Javascript code located in the output
document. Look at the DOM, there's no more reference to the source SVG
file anymore.
If the chameleon is called via <img>, only Opera renders the HTML output
(without executing the Javascript). I didn't test if the inter-documents
behavior is similar to the (i)frames one ... Screen-shot:
http://www.agarri.fr/docs/opera-chameleon.png
<shameless advertising>I'll demonstrate some additional XML/XSLT/SVG/...
tricks at Hack in the Box Amsterdam next week</shameless advertising>
Nicolas
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
|
