Full Disclosure mailing list archives
Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen)
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 21 Oct 2005 20:15:30 +1300
Jake Cole to me:
In "Billy's" defense, this is expected in most JavaScript-enabled browsers.
"expected" and "most" don't quite tie up. Is it "expected" or not? Are theer javascript-enabled browsers where it doesn't work? If so, in what truly meaningful sense is this "expected" behaviour? (See another recent post where I explain what happens in Mozilla 1.0.7 on my machine...)
Here's a Firefox version:
<<snip>> Hmmmm -- a "Firefox version"?? Suggests that it is not quite entirely "expected", eh? More that it is a corner case, or perhaps, even -- gasp -- undefined, no?? Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Jake Cole (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Valdis . Kletnieks (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Thierry Zoller (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Valdis . Kletnieks (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Paul Schmehl (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Nick FitzGerald (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Thierry Zoller (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Valdis . Kletnieks (Oct 20)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Jake Cole (Oct 21)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Nick FitzGerald (Oct 21)
- Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen) Mike Camden (Oct 21)