Frames or not, this bug was discussed in some detail in the O'Reilly book _Web Security and Commerce_ by Garfinkel and Spafford. Since its original publication date is June 1997, I think we can assume that this bug has been known for almost two years. I heartily recommend this book to anyone interested in browser security issues, especially those related to java, javascript, and other such client-side programming. Ref: http://www.oreilly.com/catalog/websec/ K. -- Kirrily 'Skud' Robert - http://netizen.com.au/ Documentation is the castor oil of programming. Managers know it must be good because the programmers hate it so much.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:36:42 PDT