[Esd-l] Fwd: Notepad popups in Internet Explorer and Outlook
John D. Hardin
jhardin at impsec.org
Wed Aug 6 05:30:34 PDT 2003
On Wed, 6 Aug 2003, Marcus Williams wrote:
> On Wednesday, August 6, 2003, at 10:22, you wrote:
> > The link mentioned above is dead.
>
> Works fine here (via mozilla with no popups obviously).
Here, too.
> Works for me (IE6). Apparently works in an HTML email as well.
Their example for an automatic popup - an IMG tag with the source a
view-source URL - *will* be defanged by the sanitizer if you have
webbug defanging enabled, as would a bgsound or background image tag.
Regular links will not be defanged, but the recipient would have to
actually click on the link to open the file. hey would not open
automatically.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...the Fates notice those who buy chainsaws...
-- www.darwinawards.com
-----------------------------------------------------------------------
88 days until Matrix Revolutions
More information about the esd-l
mailing list