- From: Biju <bijumaillist@gmail.com>
- Date: Mon, 5 Mar 2012 23:34:15 -0400
Today I again landed on a malicious site which trap users using alert/confirm to download some application. URL : http://usaaccount2.com/?q=MzI1ODA0MTZEkBZYYoU0AEZuUVlSQUVaV0lWc05hc0NnenljeURJTABhOTNkNTY2M2YwNmI1OWIxZWI1NTEwYjE0ZDg1NjE0M2VkZGUzOTZkMjUwN2Q5M2NlYWI2Yzk5NzA5NjkxY2NlNjM0NTMzZmU4M2Q5ZDA5NgBEQWVCd1psR0pqRklrTFJIb1MxMzMwOTk3MzQzbVdPWU53SlBLbjc= (or go it by http://snipurl.com/22hv8zh ) I landed there when I got redirected from. http://ndia-tvc.org/jiamd_luncheon_18nov08/pages/letter-formation-worksheets I think that page is hacked as its links and contents is not same as other regular page at http://ndia-tvc.org/ Also I feel if download is not triggered by CLICK event browsers should not prompt user to download content that not HTML/JPG/PNG. Cheers Biju On 6 February 2012 19:03, Ian Hickson <ian at hixie.ch> wrote: > On Tue, 10 Jan 2012, Ojan Vafai wrote: >> >> The only complaint I'm aware of is in http://crbug.com/97206. The bug >> comments are confusing. The primary issue there is WebKit not firing >> beforeunload/unload from frames in some cases, but there is one comment >> about code that calls "confirm" from unload handlers followed by a sync >> XHR to save data that now breaks. > > I've specced this (it's optional for now). I didn't check how closely what > I specced matches Chrome. > > -- > Ian Hickson ? ? ? ? ? ? ? U+1047E ? ? ? ? ? ? ? ?)\._.,--....,'``. ? ?fL > http://ln.hixie.ch/ ? ? ? U+263A ? ? ? ? ? ? ? ?/, ? _.. \ ? _\ ?;`._ ,. > Things that are impossible just take longer. ? `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 5 March 2012 19:34:15 UTC