Nmap Development mailing list archives

Re: Path to nmap.xsl for win32

From: David Fifield <david () bamsoftware com>
Date: Mon, 29 Sep 2008 14:42:05 -0600

On Mon, Sep 29, 2008 at 09:01:54PM +0100, jah wrote:

There's a feature of firefox 3 which affects the handling of file:///
resources alluded to in [1] which also describes how to change the
security.fileuri.strict_origin_policy preference to work around the
feature - possibly lowering security in the process.

Basically firefox will load file:///C:/Program Files/Nmap/nmap.xsl if
the xml output file is opened from
C:/ or
C:/Program Files or
C:/Program Files/Nmap or any subdirectory thereof.
If the xml output file is opened from anywhere else ( e.g. C:/Program
Files/foo/) firefox's error console reports:
Security Error: Content at file:///C:/Program%20Files/foo/test.xml may
not load data from file:///C:/Program%20Files/Nmap/nmap.xsl.


Very interesting. What happens with --webxml?

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Path to nmap.xsl for win32 jah (Sep 13)
- Re: Path to nmap.xsl for win32 David Fifield (Sep 23)
  - Re: Path to nmap.xsl for win32 jah (Sep 24)
    - Re: Path to nmap.xsl for win32 David Fifield (Sep 24)
    - Re: Path to nmap.xsl for win32 jah (Sep 24)
    - Re: Path to nmap.xsl for win32 David Fifield (Sep 24)
    - Re: Path to nmap.xsl for win32 jah (Sep 24)
    - Re: Path to nmap.xsl for win32 David Fifield (Sep 29)
    - Re: Path to nmap.xsl for win32 jah (Sep 29)
    - Re: Path to nmap.xsl for win32 David Fifield (Sep 29)
    - Re: Path to nmap.xsl for win32 jah (Sep 29)