Full Disclosure mailing list archives
Re: internet-explorer: bug or feature?
From: Andrew Clover <and-bugtraq () doxdesk com>
Date: Thu, 01 Apr 2004 22:03:25 +0100
<ko5 () hush com> wrote: > about:<script>alert('*plopp*');</script> > a small alert popps up and says me '*plopp*', so it seems, that i can > inject any code i want. Originally reported here: http://www.doxdesk.com/personal/posts/bugtraq/20010819-ie.htmlThis was eventually fixed in IE6 SP1, after it was discovered that due to a parsing error this could be abused to execute in the security context of any target domain.
> i am not sure if its what the 'about:'-construct is forIt was just another random pointless feature. IE has a lot of these. Sometimes they prove a security liability and very occasionally they get removed, but no-one seems to have thought of not including them in the first place.
-- Andrew Clover mailto:and () doxdesk com http://www.doxdesk.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- internet-explorer: bug or feature? ko5 (Mar 31)
- Re: internet-explorer: bug or feature? Luke Norman (Mar 31)
- Re: internet-explorer: bug or feature? Andrew Clover (Mar 31)
- <Possible follow-ups>
- Re: internet-explorer: bug or feature? ko5 (Mar 31)