I have found a problem with MochiKit Base.js and the intrusion protection system at work. The IPS truncates Base.js because it assigns the unescape() function to a variable (in parseQueryString(), line 1225 in version 1.4.2 of Base.js). The IPS response is documented here:
http://www.iss.net/security_center/reference/vuln/JavaScript_Unescape_Obfuscation.htm Has anybody else seen this behaviour? Could the code be re-written to not use that reassignment? (I discovered this because MarkMail does not work, and it uses a compressed version of MochiKit 1.4.) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "MochiKit" group. To post to this group, send email to mochikit@googlegroups.com To unsubscribe from this group, send email to mochikit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/mochikit?hl=en -~----------~----~----~----~------~----~------~--~---
