On Wednesday 21 July 2004 05:13, James Woodcock wrote: > This might seem like it should be going to a webdev list, but there's a > possible security implication, so here goes; > > http://2-spyware.com/file-cnfrm-exe.html > > In Mozilla 1.5 and FireFox 0.9 with the pop-up blocker turned on, I get > a pop-up! It's purporting to be an important notice from my Network > Administrator - you'll probably recognise it;
Not a popup in the traditional sense, merely a DIV layer that sits above the main page content. Konqueror loads it too, but gets the rendering levels slightly wrong (or right) and the page just looks a bit wrong. Traditional popups are created with javascript, which is what the popup blockers look for (afaik) - window.open. > Is a web browser supposed to be able to render code outside the > <html></html> tags? I don't think they're meant to, but many of them do anyway. As for IE - IE does weird shit with pages. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
