W3C home > Mailing lists > Public > www-html@w3.org > December 1999

Re: security problem in emailing HTML

From: Walter Ian Kaye <walter@natural-innovations.com>
Date: Mon, 6 Dec 1999 08:36:42 -0800
Message-Id: <v0422082cb471906a1d23@[63.193.119.97]>
To: www-html@w3.org
At 04:22p -0500 12/04/99, Keith Moore wrote:
>  > I don't think that the problem people are complaining about is
>  > primarily a cookies problem;
>
>it's partially a cookies problem; cookies make it easier to leak
>information to parties whose addresses aren't visible in the original
>email.  but there are probably other ways to do it that don't involve
>cookies.

I've been thinking about writing a Perl filter to strip out HTML from email.
Was gonna just delete from <html> to </html>, but then saw that Fingerhut
embeds the plain text version into an HTML comment. I wonder if there are
any other mutations...


-Walter
Received on Monday, 6 December 1999 11:39:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 March 2012 18:15:40 GMT