Vulnerability Development mailing list archives
RE: Odd MSIE html parsing
From: "Golden_Eternity" <bhodi_jabir () yahoo com>
Date: Wed, 2 Jan 2002 10:45:22 -0800
Wasn't able to reproduce this with patched IE6 on 2k.
-----Original Message----- From: Matthew S. Hallacy [mailto:poptix () techmonkeys org] Sent: Wednesday, January 02, 2002 5:36 AM To: vuln-dev () securityfocus com Subject: Odd MSIE html parsing I recieved an odd spam today, the links were obfuscated as follows: <A HREF="http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B"> clicking on the link in MSIE shows the following in the address bar: 'http://www.ca1.waredet.net.co.fr(?????)|https.travel.bzah.com/' while it's really going to https.travel.bzah.com (a stupid angelfire spam site, die die die) Comments? I'm curious as to why MSIE allows control characters in the url like this, it didn't work in Mozilla. - Matthew S. Hallacy --
Current thread:
- Odd MSIE html parsing Matthew S. Hallacy (Jan 02)
- RE: Odd MSIE html parsing Golden_Eternity (Jan 02)
- Re: Odd MSIE html parsing Florian Hobelsberger / BlueScreen (Jan 17)
- RE: Odd MSIE html parsing Golden_Eternity (Jan 02)