ok. Shucks. That's convincing. OK if it allows same-server jar changes?
Bob
On Sat, Aug 30, 2008 at 2:16 PM, <[EMAIL PROTECTED]> wrote:
> Quoting Robert Hanson <[EMAIL PROTECTED]>:
>
> > that's why I'm asking. Yes, I have tried this. We could make it only the
> > applet from the server -- in other words not allow a new codebase -- if
> you
> > think that is a major concern.
> >
> > How would you see the spoof working, Rolf?
> >
>
> The HTML code shown below just hides the 'JMOLJAR=...' extension
> within the status line. Althugh my Firefox 3 does show the real URL,
> even when I exceptionally allow status line changes, it still works
> with my Internet Eplorer 7. And this is just the most simple way.
> There are more sophisticated techniques possible.
>
> <a
> href="
> http://www.imb-jena.de/cgi-bin/3d_mapping.pl?CODE=1deh&MODE=biological1&JMOLJAR=http://www.fakejenalib.com/fakejmol.jar";
> onmouseout="window.status='';return true" onmouseover="window.status='
> http://www.imb-jena.de/cgi-bin/3d_mapping.pl?CODE=1deh&MODE=biological1';return<http://www.imb-jena.de/cgi-bin/3d_mapping.pl?CODE=1deh&MODE=biological1%27;return>true">JenaLib
> Jmol
> Viewer</a>
>
> Since it may be possible that the complete version is only shown as
> links here is a (modified) repeat of the Javascript portion:
>
> onmouseout="window.status='';return true"
> onmouseover="window.status='original_URL';return true"
>
> Regards,
> Rolf
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's
> challenge
> Build the coolest Linux based applications with Moblin SDK & win great
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> Jmol-users mailing list
> Jmol-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/jmol-users
>
--
Robert M. Hanson
Professor of Chemistry
St. Olaf College
Northfield, MN
http://www.stolaf.edu/people/hansonr
If nature does not answer first what we want,
it is better to take what answer we get.
-- Josiah Willard Gibbs, Lecture XXX, Monday, February 5, 1900
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Jmol-users mailing list
Jmol-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jmol-users
