James M Snell wrote:
Mostly known already, but worth reading:
http://www.niallkennedy.com/blog/archives/2006/08/black-hat-prese.html
http://news.com.com/2100-1002_3-6102171.html
Most developers may be aware of the dangers of scripting, but as that
article points out they aren't doing a very good job of blocking it. I ran a
bunch of tests on about 20 or so aggregators about a month ago and more than
half let through scripting in some form or another. Most were at least
making some effort to block scripts but there were a few that basically let
through everything.
I was considering putting up a blog post on the subject including my test
feeds so people could see some of the things they need to check for, but I
figured it'd probably do more harm than good.
Regards
James
