Re: [courier-users] Courier/SqWebMail 20050905
This is a discussion on Re: [courier-users] Courier/SqWebMail 20050905 within the Courier-Imap forums, part of the Mail Servers and Related category; Sam Varshavchik wrote: > > Although in the rest of the world, any <!-- comment --> in HTML gets > ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-08-2005
|
|||
|
|||
Re: [courier-users] Courier/SqWebMail 20050905
Sam Varshavchik wrote:
> > Although in the rest of the world, any <!-- comment --> in HTML gets > ignored, with MSIE a specially formatted HTML comment can get processed > as regular HTML code, with scripting, et al: > > http://msdn.microsoft.com/library/de...omment_ovw.asp Oh, they do server side includes on the client! And, yes, on that page they claim that the content is not downloaded when the conditional is false... > > The other stuff in the patch is because it's cumulative, and includes > last week's fix for a different issue. E.g. checking &xxx entities terminate with `;'? But there's no _hot_ security concern, is there? ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users 
|
Linear Mode
