- From: Michal Zalewski <lcamtuf@coredump.cx>
- Date: Sat, 30 Apr 2011 12:12:17 -0700
> So, it's not so much the security issue (the browser's job), but an
> appearance-of-fault issue: the site not wanting to be blamed if the
> browser fails at that job.

Well, the browser does the best it can (i.e., documents the origin of a
download), and the user does the best he can (examines the displayed
origin). If that's not enough, then we have a problem.

(That's not unique to disposition=, by the way; on unrecognized MIME
types, browsers often derive the file name from the notoriously
unreliable URL path signal, which is completely controlled by the
attacker in cases such as the PATH_INFO mechanism in Apache.)

/mz
Received on Saturday, 30 April 2011 12:12:17 UTC
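The mechanism in the parenthetical above, as an added worked model that is not part of the message and is not any browser's or Apache's real code: a request path is split the way Apache's PATH_INFO handling splits it for a CGI script, and the download name is then chosen the way a browser falls back to the last URL path segment when the server sends no Content-Disposition name. The host example.test, the script path /cgi-bin/download.cgi and the file names are made up for illustration; the Content-Disposition parser is a simplified model that ignores the RFC 5987 filename* form.

```python
"""Model of how a download's suggested file name is chosen when a server
relies on the URL path instead of sending Content-Disposition.

Added example, not part of the original message.  The browser and Apache
behaviour here is a simplified model, not the real implementations, and the
host, script path and file names below are made up for illustration.
"""
import posixpath
import re
from typing import Optional, Tuple
from urllib.parse import unquote, urlsplit


def split_path_info(request_path: str, script_name: str) -> Optional[Tuple[str, str]]:
    """Model Apache dispatching a request to a CGI script with AcceptPathInfo
    enabled: the request path is split into the script's own path (SCRIPT_NAME)
    and the attacker-controllable remainder (PATH_INFO).  Returns None when the
    request does not reach the script at all."""
    if request_path == script_name:
        return script_name, ""
    if request_path.startswith(script_name + "/"):
        return script_name, request_path[len(script_name):]
    return None


def sanitize(name: str) -> str:
    """Keep only the final path component so a suggested name cannot escape the
    download directory; treat an empty or dot-only result as a generic name."""
    name = posixpath.basename(name.replace("\\", "/"))
    if name in ("", ".", ".."):
        return "download"
    return name


def filename_from_url(url: str) -> str:
    """Model the browser fallback: with no usable Content-Disposition name, use
    the percent-decoded last path segment of the URL.  When that segment is
    PATH_INFO, the attacker who built the link picked it."""
    return sanitize(unquote(posixpath.basename(urlsplit(url).path)))


# Quoted form (filename="a b.pdf") or bare token (filename=a.pdf); filename*
# from RFC 5987 is deliberately not handled in this simplified model.
_CD_FILENAME = re.compile(r'filename\s*=\s*(?:"([^"]*)"|([^;]*))', re.IGNORECASE)


def filename_from_content_disposition(header: str) -> Optional[str]:
    """Extract the server-chosen name from a Content-Disposition value."""
    m = _CD_FILENAME.search(header)
    if not m:
        return None
    raw = m.group(1) if m.group(1) is not None else m.group(2)
    return sanitize(raw.strip())


def suggested_filename(url: str, headers: dict) -> str:
    """The name a download dialog would show: the server's Content-Disposition
    name if present, otherwise the URL path."""
    cd = headers.get("Content-Disposition")
    if cd:
        name = filename_from_content_disposition(cd)
        if name:
            return name
    return filename_from_url(url)


if __name__ == "__main__":
    script = "/cgi-bin/download.cgi"          # made-up script path
    link = "https://example.test" + script + "/evil.exe"   # attacker-built link
    print("PATH_INFO split:", split_path_info(urlsplit(link).path, script))
    # Unrecognized MIME type and no Content-Disposition: name comes from the URL.
    print("no C-D header  :", suggested_filename(link, {"Content-Type": "application/octet-stream"}))
    # Server names the file itself: the attacker's path segment no longer matters.
    print("with C-D header:", suggested_filename(link, {"Content-Disposition": 'attachment; filename="report.pdf"'}))
```

The point of the model is the contrast between the last two lines: the same attacker-chosen link yields `evil.exe` when the server stays silent and `report.pdf` when the server sets the name explicitly, which is why a site serving downloads under a PATH_INFO-style URL wants to send Content-Disposition rather than rely on the browser's path heuristic.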