-
June 6th, 2004, 08:21 AM
#1
Member
explorer shows my drive contents
here is a big problem with me in html
Code:
<body>
<pre> I am here for
Three days, SO you can
come to me</pre>
<form name="rate" method="post" target="display.html">
<input type="radio" name="group" value="worst">
<input type="button" value="check"
onclick="javascript:window.location.href=top.html">
</form>
</body>
I was just practicing with html, when i run this code in IE, and click the button appear, there
was a great flaw, that clicking on this button IE shows my windows folder contents, where this file was stored, what is the reason
-
June 6th, 2004, 08:42 AM
#2
umm i get the button "Check" and i guess, we should know the code of your display.html file.
-
June 6th, 2004, 10:48 AM
#3
MemorY is right we should know the code of your display.html file. here is how you can test if you have found a flaw or not:
1)IE and your os must be patched fully (go to http://windowsupdate.microsoft.com/)
2)place those files inside the following path:
[root drive]:\Documents and Settings\[username]\Local Settings\Temporary Internet Files\Content.IE5\ and then test your html page.
3)if it worked in content.ie5 you have to test it in real internet zone (upload it to some internet site "www.freewebs.com " and test it again)----->if it still works go to step (5)
5)post it to bugtraq,microsoft ,.....
-
June 6th, 2004, 01:02 PM
#4
Member
Well yes both black_death and Memory are coz IE is not Flawless. But i dont recommend updating or patching both IE and windows simultaneous.
1. First try to patch your IE if the problem persists then try
2. Patching up your OS.
please describe your OS and IE version
Currently working on sdome link directories and a brand new programming site. :P will post them soon.
-
June 6th, 2004, 03:21 PM
#5
Hello,
Try running your script with another browser. I personally like IE and all the new IE clones that are coming out. However, let us not forget that IE is a shell per se. Patching a shell will help remove any bugs, but it's still a shell. As such, obviously, access to your HDD with the html you wrote, could be possible. Adding more browsers to your quiver, might be the way to go as well.
Cheers
Connection refused, try again later.
-
June 6th, 2004, 04:04 PM
#6
displaying the contents of a folder locally is not a fault in ie. its designed to do that
click here
if ie is displaying the content of a folder and thats not what you expected id say the 'fault' is in your code
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
June 8th, 2004, 01:34 AM
#7
Member
infact there is no "display.html" file in that location
-
June 8th, 2004, 01:53 AM
#8
If you guys bothered to read the html, there is no submit button, therefore display.html is completely irrelevant. top.html however *IS* where the browser will be redirected. Form submission buttons are of the input type "submit", not "button". The only way the button would work is with some funky non-present-in-this-example javascript.
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|