FW: IE5.0 security warning

Didier PH Martin martind at netfolder.com
Tue Dec 14 19:43:33 GMT 1999


I tought this may be interesting.

Didier PH Martin
mailto:martind at netfolder.com

-----Original Message-----
From: owner-xmledi-list at lists.bizserve.com
[mailto:owner-xmledi-list at lists.bizserve.com]On Behalf Of David RR
Sent: Friday, December 03, 1999 1:55 AM
To: The XML/EDI Group
Subject: FWD: IE5.0 security warning

dave thought you might like to read this one - first time I've seen xml
implicated in a security threat...

Georgio Guninski reported a problem with Internet Explorer (IE) 5.0
under Windows NT 4.0 and Windows 95. According to the report, IE 5.0
has a problem with the way it handles HTTP redirects in Extensible
Markup Language (XML) objects. The problem unnecessarily exposes a
user's local file.
   When a user embeds an XML document within an HTML document, IE 5.0
doesn't handle the HTTP redirects properly, thereby allowing access to
the domain of the embedded XML document.

XML/EDI Group members-only discussion list
Homepage =  http://www.xmledi.com

Brought to you by: Online Technologies Corporation
                  Home of BizServe - www.bizserve.com

TO UNSUBSCRIBE: Send email to <xmledi-list-request at lists.bizserve.com>
               Leave the subject blank, and
               In the body of the message, enter ONLY: unsubscribe

Questions/requests should be sent to: owner-xmledi-list at bizserve.com
To join the XML/EDI Group complete the form located at:

xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev at ic.ac.uk
Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 981-02-3594-1
To unsubscribe, mailto:majordomo at ic.ac.uk the following message;
unsubscribe xml-dev
To subscribe to the digests, mailto:majordomo at ic.ac.uk the following message;
subscribe xml-dev-digest
List coordinator, Henry Rzepa (mailto:rzepa at ic.ac.uk)

More information about the Xml-dev mailing list