Re: OBJECT Bugs or Features

Valdis.Kletnieks_at_vt.edu
Date: 06/08/04

  • Next message: Tom: "[FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability"
    To: James C Slora Jr <Jim.Slora@phra.com>
    Date: Mon, 07 Jun 2004 19:49:28 -0400
    
    
    

    On Mon, 07 Jun 2004 16:15:47 EDT, James C Slora Jr <Jim.Slora@phra.com> said:

    > 2. Should an email client process an OBJECT tag that is not even embedded
    > within HTML tags?

    > Content-Type: text/html;
    > Content-Transfer-Encoding: quoted-printable
    >
    > ~object
    > data=3D"http://www.seductiveones.~biz/easy/orrorr/sock/page.~php"~=20

    Well.. at least it's a text/html. Does it work if the Content-Type: is text/plain?

    
    



  • Next message: Tom: "[FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability"