Vulnerability Development: Re: Plain text files in internet explorer

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Plain text files in internet explorer

From: Magnus Bodin <magnus () bodin org>
Date: Sun, 1 Sep 2002 19:06:42 +0200

On Sat, Aug 31, 2002 at 07:54:16AM -0400, John Hennessy wrote:

Is it just me or is impossible to have plain text in internet explorer?
http://www.charm.net/~johnh/annoying.txt

If I make a text file and put it on my webserver, and put in a few lines
of text and then basicly anything in <>'s internet explorer will read it
as HTML.

Grrrrr is all I have to say about that.


Internet Explorer decides for itself whether the sent Content-type heading
is "correct" or needs to be "re-thought". 

It has been a known "feature" of explorer since a long time ago;
see my testpage at 

http://x42.com/test/mime/

You e.g. can use this knowledge to send javascript as "image/gif" through
firewalls that "block" evil content-types.

/magnus

-- 
http://x42.com/

By Date By Thread

Current thread:

RE: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer], (continued)
- RE: Plain text files in internet explorer Chris Sandy (Sep 01)
- Re: Plain text files in internet explorer Magnus Bodin (Sep 01)
- Re: Plain text files in internet explorer byron (Sep 02)
  - Re: Plain text files in internet explorer Bill Weiss (Sep 02)
- Re: Plain text files in internet explorer Benjamin Elijah Griffin (Sep 03)
  - Re: Plain text files in internet explorer Pierre-Yves Bonnetain (Sep 06)
    - RE: Plain text files in internet explorer Dom De Vitto (Sep 07)