RE: data protocol: was RE: [xsl] node-setting() escaped text

yeah there was a nice security issue on this one, allowing you to read other
peoples cookies.  something along the lines of

about:www.yahoo.com<script>alert(document.cookies)</script>

would fool IE into thinking that the result was a document on the yahoo.com
domain and therefore safe to read/write yahoos cookies.



> -----Original Message-----
> From: owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> [mailto:owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx]On Behalf Of Américo
> Albuquerque
> Sent: Thursday, February 13, 2003 9:58 AM
> To: xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> Subject: RE: data protocol: was RE: [xsl] node-setting() escaped text
>
>
> Hi Bryan
> You can do something like that in IE.
> Try:
> about:<html code>
>
> try writing this in a html page :)
>
>  Link: <a href="about:<p><b>Teste</b></p>" target=_new>Click
> here</a>.<br>
>  Link: <a href="about:<b>hello</b><br/><p
> onclick=javascript:window.open('http://www.xml.com')>hello</p>"
> target=_new>Click here</a>.<br>
>  Link: <a
> href="about:<script>location.href='http://www.xml.com';</script>"
> target=_new>Click here</a>
>
>
> -----Original Message-----
> From: owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> [mailto:owner-xsl-list@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of bryan
> Sent: Thursday, February 13, 2003 2:22 PM
> To: xsl-list@xxxxxxxxxxxxxxxxxxxxxx
> Subject: data protocol: was RE: [xsl] node-setting() escaped text
>
>
> >data:text/html,<b>hello</b>
> >into netscape's location bar)
>
> why do I think this is a security problem? Hmm
> data:text/html,<b>hello</b><br/><p
> onclick="javascript:window.open('http://www.xml.com')">hello</p>
>
> anyway it's interesting that it wasn't done as an app, asynchronous
> pluggable protocol, if it were then one could launch mozilla from within
> IE by calling the protocol, on the other hand as it wasn't this opens
> the way up for an ie implementation. In fact it wouldn't be difficult at
> all, of course as ie has enough security bugs...
>
>
>
>  XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list
>
>
>  XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list
>
>


 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list

Current Thread
data protocol: was RE: [xsl] node-setting() escaped text, (continued) bryan - Thu, 13 Feb 2003 15:21:37 +0100 Américo Albuquerque - Thu, 13 Feb 2003 14:58:23 -0000 bryan - Thu, 13 Feb 2003 16:13:30 +0100 David Carlisle - Thu, 13 Feb 2003 15:58:08 GMT Marty McKeever - Thu, 13 Feb 2003 11:22:00 -0500 <= Américo Albuquerque - Fri, 14 Feb 2003 13:56:22 -0000 Oleg Tkachenko - Thu, 13 Feb 2003 16:18:19 +0200 Marty McKeever - Thu, 13 Feb 2003 11:19:03 -0500 Michael Kay - Thu, 13 Feb 2003 17:37:09 -0000

Current Thread

data protocol: was RE: [xsl] node-setting() escaped text, (continued)

<- Previous	Index	Next ->
Re: data protocol: was RE: [xsl] no, David Carlisle	Thread	[xsl] RE: data protocol (off topic,, Américo Albuquerque
RE: [xsl] node-setting() escaped te, Marty McKeever	Date	[xsl] MSIE - XSL transform -> .inne, Shenan Hawkins
	Month

<-prev [Thread] next->	<-prev [Date] next->
Month Index \| List Home