- From: John Hudson <tiro@tiro.com>
- Date: Wed, 16 Mar 2011 17:37:05 -0700
- To: Tab Atkins <tabatkins@google.com>
- CC: Chris Lilley <chris@w3.org>, WOFF Working Group FONT <public-webfonts-wg@w3.org>
Tab Atkins wrote: > No, Chris's example used misleading text both in the title attribute > and in the link text. The only clue about the actual destination was > the href attribute. This is precisely the same as your vulnerability. Ah, for some reason Chris' example was not displaying correctly for me. I see what you mean now. J.
Received on Thursday, 17 March 2011 00:37:42 UTC