Re: "expression" in text gets underscores?
On December 23, 2004 at 11:08, Jeff Breidenbach wrote:
> Good catch. I'm seeing this as well, although (after checking
> out about 10 messages) it seems like this problem only occurs in
> HTML mail.
It happens because of the script filtering of HTML data. IE supports
the non-standard(?) 'expression' operator in CSS styles, which allows
script style instruction execution. Therefore, it can be used for
XSS-based attacks.
To keep things simple and to avoid complicated HTML and CSS parsing,
any occurrence of "expression" is changed to "_expression_" to
disable it if it occurs in a CSS style. The same applies to the string
"javascript".
--ewh
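The trade-off the reply describes, shown as an added example that is not MHonArc's own code: the blunt rule rewrites the two strings wherever they appear, which is why "expression" in ordinary prose comes out with underscores, while a filter that only touches contexts a browser interprets (inline `style`, URL attributes, `<style>` bodies) has to parse the HTML it is protecting. The regular expressions, function names and the sample message are all constructed for this illustration.

```python
import re

# The two strings named in the post. The rest of this file is an added
# illustration of the approach the post describes, not MHonArc's own code.
TOKENS = ("expression", "javascript")
TOKEN_RE = re.compile("|".join(TOKENS), re.IGNORECASE)


def _wrap_tokens(text: str) -> str:
    """Turn every case-insensitive token occurrence into _token_, keeping
    the original letter case so the rewrite is visible but not destructive."""
    return TOKEN_RE.sub(lambda m: "_" + m.group(0) + "_", text)


def neutralize_everywhere(html: str) -> str:
    """The blunt rule from the post: rewrite the tokens wherever they occur.
    No HTML or CSS parsing is involved, so a malformed document cannot
    confuse the filter, but ordinary prose is rewritten as well."""
    return _wrap_tokens(html)


# Contexts a browser interprets rather than displays: inline style, URL
# attributes, and the body of <style> elements. Constructed to show what a
# narrower filter must enumerate; this is not what MHonArc does.
ATTR_RE = re.compile(
    r"""\b(style|href|src)(\s*=\s*)(["'])(.*?)(\3)""",
    re.IGNORECASE | re.DOTALL,
)
STYLE_BLOCK_RE = re.compile(
    r"(<style\b[^>]*>)(.*?)(</style\s*>)",
    re.IGNORECASE | re.DOTALL,
)


def neutralize_in_interpreted_contexts(html: str) -> str:
    """Rewrite the tokens only inside the contexts above, leaving prose alone."""

    def fix_attr(m: re.Match) -> str:
        # name, '=', opening quote, value, closing quote
        return (m.group(1) + m.group(2) + m.group(3)
                + _wrap_tokens(m.group(4)) + m.group(5))

    def fix_block(m: re.Match) -> str:
        # opening tag, CSS body, closing tag
        return m.group(1) + _wrap_tokens(m.group(2)) + m.group(3)

    html = STYLE_BLOCK_RE.sub(fix_block, html)
    return ATTR_RE.sub(fix_attr, html)


# Constructed sample message: one innocent use of the word in prose and
# three places where a browser would interpret the string instead.
SAMPLE = (
    "<p>Use a regular expression to match the Subject header.</p>\n"
    '<div style="width: EXPRESSION(document.body.clientWidth)">sized</div>\n'
    '<a href="javascript:void(0)">link</a>\n'
    "<style>p { color: expression(pickColor()) }</style>\n"
)

if __name__ == "__main__":
    print("--- blunt filter (what the post describes) ---")
    print(neutralize_everywhere(SAMPLE))
    print("--- context-aware filter ---")
    print(neutralize_in_interpreted_contexts(SAMPLE))
```

Both functions compare literal characters. A browser decodes HTML entities in attribute values and CSS escapes in style text before interpreting them, so the context-aware variant would also need to normalize each value first, and its list of contexts (event-handler attributes, `url()` values, and so on) would have to be complete. That normalization and enumeration is the "complicated HTML and CSS parsing" the reply avoids, at the cost of the underscores in plain text that started the thread.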