W3C home > Mailing lists > Public > whatwg@whatwg.org > September 2004

[whatwg] File Upload Control

From: Lachlan Hunt <lachlan.hunt@iinet.net.au>
Date: Mon, 06 Sep 2004 00:40:08 +1000
Message-ID: <413B2548.7000309@iinet.net.au>
Ian Hickson wrote:
> You'd be surprised how easy it is to trick users into typing things like 
> that. For example:
> 
>   Q3. What is the path to a Linux system's password file?
>       [                       ]
> 
>   (( Submit Quiz ))

Do you mean just like these examples I just created?

http://lachy.id.au/dev/markup/examples/forms/file/

I've have added comments about this security hole on bug 57770 in 
bugzilla. (comments 54 and 55)
http://bugzilla.mozilla.org/show_bug.cgi?id=57770#c54
-- 
Lachlan Hunt
http://www.lachy.id.au/
Received on Sunday, 5 September 2004 07:40:08 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:19 UTC