Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: EEYE: Temporary workaround for IE createTextRange vulnerab

From: bkfsec <bkfsec () sdf lonestar org>
Date: Tue, 28 Mar 2006 11:49:04 -0500
Valdis.Kletnieks () vt edu wrote:



(I didn't even *mention* the cost of beating the snot out of the web developers
who coded IE-specific extensions into a corporate webpage, did I?   It's
usually not the actual install cost that gets you, it's the ripple effect that
providing the support generates...)
You're ultimately right about the cost, but the problem is that... well, what you've got there is bad practice that *must* be corrected anyway.
You'd better believe that when I find web developers being browser-reliant I raise a fuss. It doesn't always generate results but it does get the message across. 

         -bkfsec


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: