Re: Filtering potentially dangerous URI schemas in <a href="...">


Perl Monk, Perl Meditation
	PerlMonks

Re: Filtering potentially dangerous URI schemas in <a href="...">

by Dog and Pony (Priest)

on Oct 21, 2002 at 15:07 UTC ( [id://206859]=note: print w/replies, xml )

Need Help??

in reply to Filtering potentially dangerous URI schemas in <a href="...">

Agreed. On a related note, I saw a report that some special URL type related to windows help could wipe your computer under XP (SP1 fixes this). Apparently an url with a winhelp specific schema could order the computer to write a file to any place you name on disk. Such as somewhere in the system directories... No, no link, and not confirmed. But wouldn't be surprised if it was true.

Only allowing the above (https?, ftp, mailto) would eliminate such as well.

You have moved into a dark place.
It is pitch black. You are likely to be eaten by a grue.

Comment on Re: Filtering potentially dangerous URI schemas in <a href="...">

In Section Perl Monks Discussion

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://206859]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others surveying the Monastery: (8)

As of 2024-04-23 12:42 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found