-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 07 September 2002 23:47, Dan Merillat wrote:
<>
> Here's the anonymity risks:
>
> 1) Image/somethingwedontrecognize <-- IE, netscape like to load "plugins"
> for things it dosn't recognize. Someone could compromise the download
> server f
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 07 September 2002 23:47, Dan Merillat wrote:
<>
> Here's the anonymity risks:
>
> 1) Image/somethingwedontrecognize <-- IE, netscape like to load "plugins"
> for things it dosn't recognize. Someone could compromise the download
> server
On Sun, Sep 08, 2002 at 12:47:47AM -0400, Dan Merillat wrote:
>
> > Or just replace < and > with one of these set of similar looking characters
> > (I think the last 2 are non-Unicode characters which can be shown in most
> > browsers without prompting to download silly extra packs)
>
>
On Sun, Sep 08, 2002 at 12:47:47AM -0400, Dan Merillat wrote:
>
> > Or just replace < and > with one of these set of similar looking characters
> > (I think the last 2 are non-Unicode characters which can be shown in most
> > browsers without prompting to download silly extra packs) ??»«
>
>
> Or just replace < and > with one of these set of similar looking characters
> (I think the last 2 are non-Unicode characters which can be shown in most
> browsers without prompting to download silly extra packs)
Like < and >, perhaps?
It dosn't matter, though. IE is going to second-g
> Or just replace < and > with one of these set of similar looking characters
> (I think the last 2 are non-Unicode characters which can be shown in most
> browsers without prompting to download silly extra packs) ??»«
Like < and >, perhaps?
It dosn't matter, though. IE is going to second-
Matthew Toseland writes:
> I'd prefer for it to start immediately as HTML, in case any browser only
> treats text as HTML if it sees HTML in the first n lines or n chars.
Fair enough.
> Yup. There are some interfaces issues; I am planning to add a
> "Protecting your anonymity" link/servlet to t
Matthew Toseland <[EMAIL PROTECTED]> writes:
> I'd prefer for it to start immediately as HTML, in case any browser only
> treats text as HTML if it sees HTML in the first n lines or n chars.
Fair enough.
> Yup. There are some interfaces issues; I am planning to add a
> "Protecting your anonymit
> > >
> > > If IE is detected, FProxy could make an HTML document with a large
> >
> >
> >
> > > (say, 70 cols and 25 rows) and put the actual document in
> that. Surely
> > > IE won't parse HTML inside a . Or would it?
> >
> > This is just a thought, but...
> >
> > If I wanted to be malicious
> > >
> > > If IE is detected, FProxy could make an HTML document with a large
> >
> >
> >
> > > (say, 70 cols and 25 rows) and put the actual document in
> that. Surely
> > > IE won't parse HTML inside a . Or would it?
> >
> > This is just a thought, but...
> >
> > If I wanted to be malicious I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Timm Murray wrote:
| On Friday 06 September 2002 19:19, William_dw -- Sqlcoders wrote:
|
|As a final thought, couldn't we just work around deficiencies like
|that? What happens if you send "text/x-really-plain" instead?
|
|--
|Robbe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Timm Murray wrote:
| On Friday 06 September 2002 19:19, William_dw -- Sqlcoders wrote:
|
|As a final thought, couldn't we just work around deficiencies like
|that? What happens if you send "text/x-really-plain" instead?
|
|--
|Robb
rg
> >
> > >[mailto:devl-admin at freenetproject.org]On Behalf Of Robert Bihlmeyer
> > >Sent: 06 September 2002 12:44
> > >To: devl at freenetproject.org
> > >Subject: [freenet-dev] MSIE issues
> > >
> > >
> > >
> > >As a final t
On Fri, Sep 06, 2002 at 09:43:47PM +0200, Robert Bihlmeyer wrote:
> Travis Bemann writes:
>
> > I think that a good compromise would be to put up a warning page
> > where the user has to type "I do know that Micro$oft Internet
> > Explorer is an insecure piece of shit" as specified by the page in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 06 September 2002 19:19, William_dw -- Sqlcoders wrote:
> > > >As a final thought, couldn't we just work around deficiencies like
> > > >that? What happens if you send "text/x-really-plain" instead?
> > > >
> > > >--
> > > >Robbe
> > >
> > >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 06 September 2002 17:51, Matthew Toseland wrote:
> On Fri, Sep 06, 2002 at 09:43:47PM +0200, Robert Bihlmeyer wrote:
> > Travis Bemann writes:
> > > I think that a good compromise would be to put up a warning page
> > > where the user has to
Travis Bemann writes:
> I think that a good compromise would be to put up a warning page
> where the user has to type "I do know that Micro$oft Internet
> Explorer is an insecure piece of shit" as specified by the page into
> a text item in a form (the $ would be mandatory) and then press a
> but
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 06 September 2002 19:19, William_dw -- Sqlcoders wrote:
> > > >As a final thought, couldn't we just work around deficiencies like
> > > >that? What happens if you send "text/x-really-plain" instead?
> > > >
> > > >--
> > > >Robbe
> > >
> > >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 06 September 2002 17:51, Matthew Toseland wrote:
> On Fri, Sep 06, 2002 at 09:43:47PM +0200, Robert Bihlmeyer wrote:
> > Travis Bemann <[EMAIL PROTECTED]> writes:
> > > I think that a good compromise would be to put up a warning page
> > > w
nt: 06 September 2002 12:44
> >To: devl at freenetproject.org
> >Subject: [freenet-dev] MSIE issues
> >
> >
> >
> >As a final thought, couldn't we just work around deficiencies like
> >that? What happens if you send "text/x-really-plain" instead?
> > >
> > >As a final thought, couldn't we just work around deficiencies like
> > >that? What happens if you send "text/x-really-plain" instead?
> > >
> > >--
> > >Robbe
> >
> > As far as I've found IE really likes HTML, unless it pop's up a file
> > download box it will try to interpret any HTML l
> > >
> > >As a final thought, couldn't we just work around deficiencies like
> > >that? What happens if you send "text/x-really-plain" instead?
> > >
> > >--
> > >Robbe
> >
> > As far as I've found IE really likes HTML, unless it pop's up a file
> > download box it will try to interpret any HTML
> >[mailto:[EMAIL PROTECTED]]On Behalf Of Robert Bihlmeyer
> > >Sent: 06 September 2002 12:44
> > >To: [EMAIL PROTECTED]
> > >Subject: [freenet-dev] MSIE issues
> > >
> > >
> > >
> > >As a final thought, couldn't we just work
:44
> >To: [EMAIL PROTECTED]
> >Subject: [freenet-dev] MSIE issues
> >
> >
> >
> >As a final thought, couldn't we just work around deficiencies like
> >that? What happens if you send "text/x-really-plain" instead?
> >
> >--
> >Robbe
On Fri, Sep 06, 2002 at 09:43:47PM +0200, Robert Bihlmeyer wrote:
> Travis Bemann <[EMAIL PROTECTED]> writes:
>
> > I think that a good compromise would be to put up a warning page
> > where the user has to type "I do know that Micro$oft Internet
> > Explorer is an insecure piece of shit" as spec
>-Original Message-
>From: devl-admin at freenetproject.org
>[mailto:devl-admin at freenetproject.org]On Behalf Of Robert Bihlmeyer
>Sent: 06 September 2002 12:44
>To: devl at freenetproject.org
>Subject: [freenet-dev] MSIE issues
>As a final thought, couldn&
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Robert Bihlmeyer
>Sent: 06 September 2002 12:44
>To: [EMAIL PROTECTED]
>Subject: [freenet-dev] MSIE issues
>As a final thought, couldn't we just work around deficiencies like
Travis Bemann <[EMAIL PROTECTED]> writes:
> I think that a good compromise would be to put up a warning page
> where the user has to type "I do know that Micro$oft Internet
> Explorer is an insecure piece of shit" as specified by the page into
> a text item in a form (the $ would be mandatory) an
28 matches
Mail list logo
