[FoRK] pop-ups in firefox?

Joe Barrera joe at barrera.org
Wed Mar 30 18:21:21 PST 2005


Bill Humphries wrote:

>  I've seen this foil Safari, where the bad guy puts the open window
>  code in a fragmented string:
>
>  "Win" + "dow.open" + "('http://killthemonkey" + ".adserver.com')"
>
>  Then eval-ing it.
>
>  So you'd have to scan strings... ugly, eh?

Sure, but the browser owns the javascript interpreter, so...
this shouldn't be too hard to catch, should it?

- Joe



More information about the FoRK mailing list