Vulnerability Development mailing list archives
Re: internet explorer view-source url
From: "Juan M. Courcoul" <courcoul () campus qro itesm mx>
Date: Mon, 10 Jun 2002 17:37:35 -0500
hellNbak wrote
On Mon, 10 Jun 2002, John C. Hennessy wrote:Perhaps its just me but I see this as a potential problem. From what I can tell all versions of internet explorer 4 and above allow view-source urls. view-source:http://www.news.comI think it might be just you as doing a view-source:///boot.ini will show you the LOCAL boot.ini. So, if I was a malicous web master, unless I can get some sort of code to execute this doesn't help me all that much.
Tried both formats for the view-source URLs with the following results:
Windows 2000 Professional SP2+all current patches
Internet Explorer 5.50.4807.2300
view-source:http:... works, sort of. Page gets fetched, and displayed
using Notepad, not the main browser window.
view-source:///local file does not work. Nothing is ever displayed.
MacOS X 10.1.5+all current patches
Internet Explorer for X 5.1.4 (4415.2)
view-source: any format. "Error: this program does not support the
protocol for accessing 'view-source:'.
HTH,
JMC
Current thread:
- internet explorer view-source url John C. Hennessy (Jun 10)
- Re: internet explorer view-source url hellNbak (Jun 10)
- Re: internet explorer view-source url Juan M. Courcoul (Jun 11)
- Re: internet explorer view-source url Juan M. Courcoul (Jun 11)
- RE: internet explorer view-source url aultl (Jun 12)
- Re: internet explorer view-source url John C. Hennessy (Jun 12)
- RE: internet explorer view-source url chris carey (Jun 12)
- Re: internet explorer view-source url Juan M. Courcoul (Jun 11)
- Re: internet explorer view-source url hellNbak (Jun 10)