Re: html and active content.

Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:

We have seen a number of attacks via e-mail that use text/html to carry
pointers to malicious code.  We also had, many moons ago, a small war 
regarding
text/html versus application/html.

I propose the following straw man:

text/html be redefined such that it contains static content only.
application/html be redefined such that active content such as Javascript
be allowed.


Hum.

What if the document does not contain directly script but has a LINK
to a js file ? If it contains a link to an applet ?
And if the document is the result of a CGI ?

</Daniel>

<Prev in Thread]	Current Thread	[Next in Thread>
html and active content., Valdis . Kletnieks Re: html and active content., Keith Moore Re: html and active content., Daniel Glazman <= RE: html and active content., Jeff Stephenson (Exchange) Re: html and active content., Valdis . Kletnieks RE: html and active content., Rick Troth

Previous by Date:	Re: html and active content., Keith Moore
Next by Date:	RE: html and active content., Jeff Stephenson (Exchange)
Previous by Thread:	Re: html and active content., Keith Moore
Next by Thread:	RE: html and active content., Jeff Stephenson (Exchange)
Indexes:	[Date] [Thread] [Top] [All Lists]