- From: Tyler Close <tyler.close@gmail.com>
- Date: Mon, 9 Apr 2012 16:28:56 -0700
On Mon, Apr 9, 2012 at 4:23 PM, Tyler Close <tyler.close at gmail.com> wrote:
> On Mon, Apr 9, 2012 at 3:12 PM, Ian Hickson <ian at hixie.ch> wrote:
>> Just wait for the iframe to
>> appear and then navigate it to the mailto: handler with the parameters you
>> want.

That attacker has to navigate the iframe to the RPH handler URL with the embedded mailto URL, not the mailto URL directly. Using the mailto URL directly would cause the browser to run through its RPH code a second time, causing the user to see a second Picker dialog, so the attack is no longer invisible to the user.

--Tyler
Received on Monday, 9 April 2012 16:28:56 UTC