It was initially erroneous, though after Dave Ahmad found the problem went with the window object, as well that day, it was obvious that the problem was not with the "popup" object. I believe as much was stated in Dave's post. I added the note to my advisory and let the reader fill in the blanks. Furthermore, Tom Glider found another instance of this quite sometime ago which went entirely unreported outside of the Usenet: http://groups.google.com/groups?hl=en&threadm=3C659F91.EAA0913C%40bn.com&rnum=4&prev=/groups%3Fq%3DTom%2Bgroup:alt.fan.cult-dead-cow%26hl%3Den%26scoring%3Dd%26selm%3D3C659F91.EAA0913C%2540bn.com%26rnum%3D4 Quote: "btw, I thought you'd like to know that your nice "IE PopUp OBJECT Advisory" isn't actually a bug in the popup object - its more to do with the way IE handles ActiveX objects created using innerHTML. This means that IE5.0 (and maybe 4) might be affected too. The following works in IE6 on Windows 98: <html> <script> onload = function() { document.body.innerHTML = '<object classid="CLSID:11111111" codebase="c:/windows/notepad.exe"></object>'; } </script> </html>" Regardless, it is interesting to see it bypass these potential security restrictions. __________________________________________________ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com
