[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "expression" in text gets underscores?

On December 23, 2004 at 11:08, Jeff Breidenbach wrote:

> Good catch. I'm seeing this as well, although (after checking
> out about 10 messages) it seems like this problem only occurs in
> HTML mail.

It happens because of the script filtering of HTML data.  IE supports
the non-standard(?) 'expression' operator in CSS styles, which allows
script style instruction execution.  Therefore, it can be used for
XSS-based attacks.

To keep things simple and to avoid complicated HTML and CSS parsing,
any occurance of "expression" is changed to "_expression_" to
disable it if occurs in a CSS style.  The same applies to the string


[Index of Archives]     [Bugtraq]     [Yosemite News]     [Mhonarc Home]