- From: Ian Hickson <ian@hixie.ch>
- Date: Tue, 16 Nov 2004 14:42:03 +0000 (UTC)
On Mon, 6 Sep 2004, Lachlan Hunt wrote: > > Ian Hickson wrote: > > You'd be surprised how easy it is to trick users into typing things like > > that. For example: > > > > Q3. What is the path to a Linux system's password file? > > [ ] > > > > (( Submit Quiz )) > > Do you mean just like these examples I just created? > > http://lachy.id.au/dev/markup/examples/forms/file/ Indeed. > I've have added comments about this security hole on bug 57770 in bugzilla. > (comments 54 and 55) > http://bugzilla.mozilla.org/show_bug.cgi?id=57770#c54 Thanks. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Tuesday, 16 November 2004 06:42:03 UTC