[imc-sf-active] Dangerous Refresh content on comments
alster at indymedia.org
Tue Sep 26 07:06:15 PDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Oops, sorry, this last email was actually written by me, not by Mat. So
>> mat(a)riseup.net <mat at riseup.net> wrote:
>>> Hello, in sf-active 0.9.4 if you put this in the title of a comment, you can
>>> redirect the people browsing the article.
>>> <META HTTP-EQUIV=Refresh CONTENT='0;URL=http://www.indymedia.org'>
> Pseudo Punk wrote:
>> this doesn't work in current cvs.
alster at indymedia.org wrote:
> More and more IMC's seem to have to fight with this HTML/client side
> script injection issue. So far: argentina, melbourne, liege were reported.
> Maybe pointing people to the exact webcvs url of the patch and CC'ing
> imc-tech would help...
IMC Worcester is the latest addition to the list btw.
Fingerprint 1B8B 128F 8435 541C B3A5 1B7E CF5A 9D55 0505 9C17
All other http://docs.indymedia.org/view/Main/AlsteR
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the imc-sf-active