[Empeg-general] Re: HTML code in BBS post

peter@empegbbs-noreply.merlins.org peter at empegbbs-noreply.merlins.org
Wed, 20 Mar 2002 13:22:00 GMT


except for poorly written browsers

Phew, we're all safe then. 

Actually, that page is pretty old, and modern versions of both Netmoscapezilla and IE are more robust.

Besides, that's more of a client thing, the way people are talking here, you'd think every web server which displayed HTML was a wide open backdoor to root the server.

Oh, I completely agree. No sanely-configured server is at server-side risk from HTML. But unfiltered HTML does pose client-side risks, and perhaps frog51 is thinking of regularly-insanely-configured servers?

Peter