Re: Plain text files in internet explorer
From: Helmut Springer (delta@FaVeVe.Uni-Stuttgart.de)Date: 09/03/02
- Previous message: Blue Boar: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
- In reply to: Dan Kaminsky: "Re: Plain text files in internet explorer"
- Next in thread: Marc Slemko: "Re: Plain text files in internet explorer"
- Next in thread: Bernie Cosell: "Re: Plain text files in internet explorer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 3 Sep 2002 17:18:10 +0200 From: Helmut Springer <delta@FaVeVe.Uni-Stuttgart.de> To: vuln-dev@securityfocus.com
On 03 Sep 2002 at 01:43 +0200, Dan Kaminsky wrote:
> There's few engineers who will praise the simultaneous genius of URLs,
> HTTP, and HTML as highly as myself. That they all spawned
> simultaneously is a feat of synergistic engineering unparalleled in
> recent memory. But MIME-types are a failure, and a stubborn refusal to
> admit such benefits nobody.
Pardon? MIME-types are a standard to declare the type of data,
nothing more, nothing less. If the MIME-type of some data is
declared by an untrusted entitiy, you should not trust this
declaration. If the data is sent by some untrusted entity you
should not trust the data. Usually the data will present more of a
danger than the declaration, but then...
What's your problem regarding MIME-types again?
-- MfG/Best regards, "A Feature you cannot disable is helmut springer considered a bug" comp.os.unix
- Previous message: Blue Boar: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
- In reply to: Dan Kaminsky: "Re: Plain text files in internet explorer"
- Next in thread: Marc Slemko: "Re: Plain text files in internet explorer"
- Next in thread: Bernie Cosell: "Re: Plain text files in internet explorer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
