If you insert a page of HTML as text/plain, it will not be filtered,
being a 'safe' content-type. However, M$IE (tested a fairly recent
version - somewhere between 5 and 6 inclusive), will recognize the HTML,
and render it. So... we need to have loud warnings not to use IE, all
over the place, in the README, but especially, we need fproxy to scan
for IE's header signature, and if detected bring up a clickthrough page
(like for new build versions, make it a bit more stubborn - force users
to copy a URL into the address bar by hand would do it), explaining all
this if it detects M$IE using it. Alternatively, we could filter out bad
HTML/CSS regardless of the supposed MIME type.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20020902/b86f7684/attachment.pgp>
