While I realize that there is a great desire to make those who dare 
to use Windows suffer as much as possible - displaying a message seen 
by, I would guess, 90% of our users, which suggests that they should 
start editing source-code, conveys a pretty bad impression of 
Freenet's user-friendliness.

The rest of the message could also use some rewriting so that it
will be comprehensible even for those who don't know what a 
MIME-type is.

Ian.

On Mon, Nov 04, 2002 at 12:07:35PM -0800, Robert Bihlmeyer wrote:
> MSIE users can't switch to Konqueror easily, recommend K-Meleon instead.
>               pw.println("<body bgcolor=\"#ffffff\"><h1>Internet Explorer 
> Allows Sites To Compromize Your Anonymity</h1>");
>               pw.println("<p>Microsoft Internet Explorer (all versions, as 
> far as we know, and this is not likely to be fixed) does not respect MIME 
> types. This means it is impossible for fproxy to protect your anonymity on 
> freenet. There may be bugs etc. in fproxy's filter that make other browsers 
> unsafe, but IE's behaviour makes it more or less impossible to filter out 
> content that might make your browser do something to compromize your 
> anonymity (scripting, and talking to internet servers outside of freenet). 
> This is not a theoretical risk, it is a practical one - just insert your HTML 
> as text/plain, and it will pass straight through the content filter without 
> being checked for web-bugs or javascript. \"Fixing\" this would require 
> filtering text/plain, and possibly all mime types, as well as text/html and 
> text/css, and abandoning any possibility of rewriting the filter to only let 
> through content that it understands (in order to prevent future 
> standards/extensions to HTML bypassing the content filter). This does not 
> necessarily mean that IE is insecure as a web browser in general, it just 
> means that it is incompatible with freenet's anonymity filter. To disable 
> this message permanently, edit the file FproxyServlet.java in the freenet 
> source (search for indexOf(\"MSIE \"), and recompile.</p>");
> !             pw.println("<p>There are many other web browsers out there, 
> such as <a href=\"http://www.mozilla.org\";>Mozilla</a> (Windows, Linux, 
> MacOS, most things, off-freenet link), and <a 
> href=\"http://www.kde.org/\";>Konqueror</a> (linux only, off-freenet link), 
> which are free.<hr>");
>               if (badBrowserWarningsSentTo.size() < maxBadBrowserIPs) {
>                 pw.println("If you are really really sure you want to 
> proceed, don't say we didn't warn you, and click <a href=\"" + 
> req.getRequestURI() +
> --- 434,438 ----
>               pw.println("<body bgcolor=\"#ffffff\"><h1>Internet Explorer 
> Allows Sites To Compromize Your Anonymity</h1>");
>               pw.println("<p>Microsoft Internet Explorer (all versions, as 
> far as we know, and this is not likely to be fixed) does not respect MIME 
> types. This means it is impossible for fproxy to protect your anonymity on 
> freenet. There may be bugs etc. in fproxy's filter that make other browsers 
> unsafe, but IE's behaviour makes it more or less impossible to filter out 
> content that might make your browser do something to compromize your 
> anonymity (scripting, and talking to internet servers outside of freenet). 
> This is not a theoretical risk, it is a practical one - just insert your HTML 
> as text/plain, and it will pass straight through the content filter without 
> being checked for web-bugs or javascript. \"Fixing\" this would require 
> filtering text/plain, and possibly all mime types, as well as text/html and 
> text/css, and abandoning any possibility of rewriting the filter to only let 
> through content that it understands (in order to prevent future 
> standards/extensions to HTML bypassing the content filter). This does not 
> necessarily mean that IE is insecure as a web browser in general, it just 
> means that it is incompatible with freenet's anonymity filter. To disable 
> this message permanently, edit the file FproxyServlet.java in the freenet 
> source (search for indexOf(\"MSIE \"), and recompile.</p>");
> !             pw.println("<p>There are many other web browsers out there, 
> such as <a href=\"http://www.mozilla.org\";>Mozilla</a> (multi-platform, 
> off-freenet link), and <a 
> href=\"http://kmeleon.sourceforge.net/\";>K-Meleon</a> (Windows only, 
> off-freenet link), which are free.<hr>");
>               if (badBrowserWarningsSentTo.size() < maxBadBrowserIPs) {
>                 pw.println("If you are really really sure you want to 
> proceed, don't say we didn't warn you, and click <a href=\"" + 
> req.getRequestURI() +
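
Review bot: the changed println (the line marked "!") opens a paragraph with <p> and runs straight into <hr> without closing it, while the println just above it ends with </p>; end the string with "which are free.</p><hr>" so the warning page's markup stays balanced. If the ";" after each href's closing quote is really in the source and not something the mail archive added, drop it as well, since it lands inside the <a> tag as a stray token. While this text is being touched, the unchanged context is worth a follow-up: the heading and body spell "Compromize", and "(search for indexOf(\"MSIE \"), and recompile." never closes its outer parenthesis.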

-- 
Ian Clarke                ian@[freenetproject.org|locut.us|cematics.com]
Latest Project                                 http://cematics.com/kanzi
Personal Homepage                                       http://locut.us/