Full Disclosure mailing list archives

A Popup! In Mozilla!

From: James Woodcock <spamtrap2 () austarnet com au>
Date: Wed, 21 Jul 2004 14:13:09 +1000

This might seem like it should be going to a webdev list, but there's apossible security implication, so here goes;


http://2-spyware.com/file-cnfrm-exe.html

In Mozilla 1.5 and FireFox 0.9 with the pop-up blocker turned on, I geta pop-up! It's purporting to be an important notice from my NetworkAdministrator - you'll probably recognise it;


http://2-spyware.com/images/2SPYRR1C.gif

Looking at the source of the page, I see that the pop-up is beinggenerated by a <DIV> statement that comes after the closing </html> tagwhich - I thought - was supposed to indicate the end of the document.

Is a web browser supposed to be able to render code outside the<html></html> tags?

Using IE 6.0.2800.1106, on viewing the source, I find that the DIVstatement that followed the closing </html> tag is now the laststatement BEFORE the </html> tag. What gives?


James


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

A Popup! In Mozilla! James Woodcock (Jul 20)
- Re: A Popup! In Mozilla! Duncan Hill (Jul 20)
- Re: A Popup! In Mozilla! Andrew Farmer (Jul 20)
- Re: A Popup! In Mozilla! Jesse Ruderman (Jul 21)
- Re: A Popup! In Mozilla! Xavier Beaudouin (Jul 21)
- Re: A Popup! In Mozilla! Dave King (Jul 21)
  - Re: A Popup! In Mozilla! Charles Richmond (Jul 21)
  - Re: A Popup! In Mozilla! a (Jul 21)
    - Re: A Popup! In Mozilla! Szilveszter Adam (Jul 21)
- <Possible follow-ups>
- Re: A Popup! In Mozilla! John Dowling (Jul 21)
- RE: A Popup! In Mozilla! John Dowling (Jul 21)

(Thread continues...)