[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Patch: konqueror form attacks
From:       Bernhard Rosenkraenzer <bero () redhat ! de>
Date:       2001-09-03 14:08:17
[Download RAW message or body]

On Mon, 3 Sep 2001, Matthias Hoelzer-Kluepfel wrote:

> Sounds reasonable. One problem, however, is that with your modification, the
> user can allow to use protocols other than http and https. This is blocked in
> konqueror, currently, but maybe we should still disallow it at this place.
> What do you think?

I'm all for allowing it if the user specifically requests it - what's
wrong with e.g.

<p>Please let me know what you think about my website</p>
<form method=post action="mailto:foo@bar.com">
<textarea>Your comments here!</textarea>
</form>

This stuff is not very nice, but I don't see why it shouldn't work (and
yes, I've actually seen people doing this, mostly while learning html).

LLaP
bero

[prev in list] [next in list] [prev in thread] [next in thread]