On Sun, Sep 08, 2002 at 12:47:47AM -0400, Dan Merillat wrote:
>
> > Or just replace < and > with one of these set of similar looking characters
> > (I think the last 2 are non-Unicode characters which can be shown in most
> > browsers without prompting to download silly extra packs) ????????
>
> Like < and >, perhaps?
>
> It doesn't matter, though. IE is going to second-guess the filetype and
> interpret HTML no matter what.
>
> The only way for them to be safe is to allow image/{gif/jpeg/png/bmp} (AND NO
> OTHERS), text/html and text/plain (which we should probably promote to HTML then
> htmlentityize it).
>
> Here's the anonymity risks:
>
> 1) Image/somethingwedontrecognize <-- IE, netscape like to load "plugins" for
> things it doesn't recognize. Someone could compromise the download server for
> something obscure (AOL .art format, for instance) then check referer documents
> for freenet URLs. Not sure how possible this is as I don't know what all the
> browsers send.
>
> 2) {video,audio}/*: As mentioned before, some formats allow redirecting to
> URLs at the end. Also, codec registry. Even "safe" types like .wav are
> overridden as soon as IE sees the first few bytes of a .wma file, and dumps
> it into media player.
>
> Safest bet: squash into application/octet-stream (force download)
>
> 3) CSS: There's only a few ways to specify a URI in standard CSS, so we
> should be able to filter that type safely.
We do. Oh, and the rest of your mail says essentially what I said in the
email titled "sarcasm".
>
> 4) text/plain <-- mangle as described above. Too many risks, and the
> end-user experience will be the same. (Wrap in <pre></pre> for good measure)
>
> 5) text/html: We do a good job on this, with a few small loopholes.
>
> "But it shouldn't be in freenet!" I agree, 110%. Fproxy should spin into
> its own side project, hooked into freenet ONLY via the FCP port. This
> conveniently means that any "internal" hooks (Build #, etc) would have to
> be exposed to other toolwriters.
>
> --Dan
--
Matthew Toseland
mtoseland at blueyonder.co.uk
amphibian at sourceforge.net
Freenet/Coldstore open source hacker.
Looking for $coding (I'm cheap)
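
The content-type policy proposed in points 1 to 4 of the quoted mail, written out as an added example; it is not part of the original message or of Fproxy's code. `gateway_policy`, the two filter callables and the sample inputs are hypothetical.

```python
import html

# Image types the mail allows through unchanged ("AND NO OTHERS").
SAFE_IMAGES = {"image/gif", "image/jpeg", "image/png", "image/bmp"}
OCTET = "application/octet-stream"

def base_type(content_type):
    """Drop parameters such as charset and lowercase the type/subtype."""
    return content_type.split(";", 1)[0].strip().lower()

def gateway_policy(content_type, body, html_filter, css_filter):
    """Return (served_type, served_body, headers) for one document.

    html_filter and css_filter are hypothetical callables standing in for
    the gateway's existing HTML and CSS filters.
    """
    ctype = base_type(content_type)
    # nosniff is not in the mail: it is a later browser feature that turns
    # off the content sniffing the mail complains about.
    headers = {"X-Content-Type-Options": "nosniff"}
    if ctype in SAFE_IMAGES:
        return ctype, body, headers
    if ctype == "text/html":
        return "text/html", html_filter(body), headers
    if ctype == "text/css":
        return "text/css", css_filter(body), headers
    if ctype == "text/plain":
        # Promote to HTML and entity-escape, so a browser that decides the
        # document is HTML anyway finds no live markup in it.
        return "text/html", "<pre>" + html.escape(body) + "</pre>", headers
    # Unrecognised image/*, all video/* and audio/*, and everything else:
    # squash to octet-stream and force a download.
    headers["Content-Disposition"] = "attachment"
    return OCTET, body, headers

# Constructed sample inputs (not from the mail).
SAMPLES = [
    ("text/plain; charset=iso-8859-1", "<script>alert(1)</script>"),
    ("image/x-art", "constructed bytes"),
    ("audio/wav", "constructed bytes"),
    ("IMAGE/PNG", "constructed bytes"),
]

def run_samples():
    passthrough = lambda s: s  # stand-in filter that does no filtering
    return [gateway_policy(t, b, passthrough, passthrough) for t, b in SAMPLES]

if __name__ == "__main__":
    for served_type, _, headers in run_samples():
        print(served_type, headers)
```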