I have found a new bug in Netscape Communicator 4.07, 4.05 (probably others), which allows reading the user's cache (the URLs the user has visited, including the info in GET forms). The bug uses Javascript - a link to 'about:<SCRIPT>...javascript code...</SCRIPT>' does the work. A demo is available at: http://www.freeyellow.com/members5/guninski/ncache.html Part of the code is borrowed from Dan Brumleve <nothingat_private>, for better goodies see: http://www.shout.net/~nothing/son-of-cache-cow/index.html Workaround: Disable Javascript. Regards, Georgi Guninski ____________________________________________________________________ Get free e-mail and a permanent address at http://www.netaddress.com/?N=1
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:18:58 PDT