NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > WWW-Mobile-Code> 2001-q4

From: Jeremiah Grossman (jeremiahwhitehatsec.com)
Date: Tue Oct 23 2001 - 13:57:44 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

But remember.... you can embed JS in flash and it doesnt play by
the same rules as you might think....

Yes, the documented models prevent this... but... what browser
strictly adheres to any specification?

These are browser bugs if you ask me.

Mark Curphey wrote:

> Not with JavaScript..the security model prevents email without a user
> click thru
>
> ---- "Bill Pennington" <billpboarder.org> wrote:
> > So what about the mailto: URL in IE? Is there a way you could construct
> > a
> > mailto: URL that would silently send mail to an account and attach
> > a file?
> >

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]