Re: virus? from Matthew Brealey on 2000-08-03 (www-style@w3.org from August 2000)

From: Matthew Brealey <webmaster@richinstyle.com>
Date: Thu, 03 Aug 2000 16:10:22 +0100
To: www-style@w3.org
Message-ID: <39898B29.318@richinstyle.com>
Bruno wrote:
> 
> I was just wondering where there or is there any CSS virus?

Using the BeCSS proposal it is possible to format your hard drive. This
can be achieved by setting as the element's 'behavior' the instantiation
of an ActiveX control. ActiveX controls can doing anything - in
particular the execution of an external program - such a program might
be one that trashes your hard drive's partition tables (only possible on
IDE drives).

However, this is a problem not limited to CSS, and is really a problem
with ActiveX.

Strictly within CSS the only thing you can do is crash the browser. I
actually started work on a 'gallery' of crash pages, but forgot about
it, although I think it's still on my hard drive. I think I got about a
dozen.

In particular it is very easy to crash Netscape:

this will crash ALL versions of Netscape 4.* (under Windows at least)
(garbage added to avoid screwing anyone's browsers):

<link type="text/css" rel=stylesheet
href="http://richinstyle.com/style/all.css">
< dsjflsdfjsdlfjsdlf p class=example>
Hello
< dsjflsdfjsdlfjsdlfdsjflsdfjsdlfjsdlfdsjflsdfjsdlfjsdlf  p
class=example>
Hello
</p>

this also does:

http://richinstyle.com/test/application/long.html

Opera 3.* can be crashed without any great difficulty:

<link type="text/css" rel=stylesheet href=samepage.html>

or

<link type="text/css" rel=stylesheet href=a.css>

a.css:
@import url(b.css);

b.css:
@import url(a.css);

All versions of Win Opera will put the system in an unusable state
(three-fingered salute time) if you create a style sheet that resets
every CSS property to default for each element

The nascent Konqueror can be crashed without any great difficulty,
although the results are never catastrophic. E.g.:

http://richinstyle.com/test/color/canvas2.html

Linux Opera can also be crashed quite easily.

Internet Explorer 4 (i.e. not 4.01) will complete kill the whole system
destroying all work and applications (reboot only option) if you use
'clear' in most cases; e.g.,
http://www.richinstyle.com/bugs/ie4demo.html

4.01 will crash less catastrophically if you are not very gentle with it
while opening that same page (i.e. don't attempt to scroll), and with
100% certainty on any attempt to print that page

[Plus many more ways to crash: this is just off the top of my head.]

In general it is possible to crash almost any browser using CSS,
although IE 5 presents a significant challenge: the more complicated the
page the better - like early JavaScript hacks and frame loops, most
obvious holes have been closed.

-----------------------------------
Please visit http://RichInStyle.com. Featuring:
MySite: customizable styles.         AlwaysWork style 
Browser bug table covering all CSS2 with links to descriptions.
Lists of > 1000 browser bugs         Websafe Colorizer 
CSS2, CSS1 and HTML4 tutorials.      CSS masterclass 
CSS2 test suite: 5000++ tests and 300+ test pages.
Received on Thursday, 3 August 2000 11:11:04 UTC