Wasn't able to reproduce this with patched IE6 on 2k. > -----Original Message----- > From: Matthew S. Hallacy [mailto:poptixat_private] > Sent: Wednesday, January 02, 2002 5:36 AM > To: vuln-devat_private > Subject: Odd MSIE html parsing > > > I recieved an odd spam today, the links were obfuscated as follows: > > <A > HREF="http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B"> > > clicking on the link in MSIE shows the following in the address bar: > 'http://www.ca1.waredet.net.co.fr(?????)|https.travel.bzah.com/' > while it's really going to https.travel.bzah.com (a stupid > angelfire spam site, > die die die) > > Comments? I'm curious as to why MSIE allows control characters in the url > like this, it didn't work in Mozilla. > > - Matthew S. Hallacy > -- >
This archive was generated by hypermail 2b30 : Wed Jan 02 2002 - 21:20:18 PST