[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Locking up Internet Explorer
- To: <godwulf@xxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Locking up Internet Explorer
- From: "Thor Larholm" <thor@xxxxxxxx>
- Date: Wed, 12 May 2004 10:43:34 -0700
Any link in the form of //something has the current protocol prepended to it.
If you are on a HTTP site such as http://microsoft.com and click on a link to
//msdn.microsoft.com you are in reality making a request for
http://msdn.microsoft.com
/. used to use these links all over the place, to save some bytes I guess.
The results by clicking on your link to //test/test depends on the security
zone you are in. If you are in the Internet Zone you will be asking for
http://test/test , if you are in the My Computer zone you will be asking for
file://test/test which gets translated into \\test\test.
Regards
Thor
-----Original Message-----
From: godwulf@xxxxxxx [mailto:godwulf@xxxxxxx]
Sent: Tue 5/11/2004 9:08 AM
To: full-disclosure@xxxxxxxxxxxxxxxx
Cc:
Subject: [Full-Disclosure] Locking up Internet Explorer
The following code creates a link that causes Microsoft Internet
Explorer to
lock up. Restarting IE is required after clicking on the link.
<A HREF="//test/test">Lock up Internet Explorer</A>
The form of the link just has to be //*/* as far as I tried it. The IE
version I used was 6.0.2800.1106.xpsp2.030422-1633CO.
CYA
--
"Sie haben neue Mails!" - Die GMX Toolbar informiert Sie beim Surfen!
Jetzt aktivieren unter http://www.gmx.net/info
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html