Re: WWW Security Hole
George Phillips <phillips@cs.ubc.ca>
Date: 12 Aug 93 13:14 -0700
From: George Phillips <phillips@cs.ubc.ca>
To: <roy@mchip00.med.nyu.edu>
Cc: <www-talk@nxoc01.cern.ch>
In-reply-to: <9308121946.AA04994@mchip00.med.nyu.edu>
Message-id: <6120*phillips@cs.ubc.ca>
Subject: Re: WWW Security Hole
Status: RO
roy@mchip00.med.nyu.edu sez:
>I'm not sure I understand the problem. Telnet will let you send a single
>line of text to any port on any machine. If if your telnet won't, it's
>trivial to do it yourself with a few lines of C code (or perl, I guess)
Right. But if you do it with telnet you know what you sent. The Web
browser will do this on your behalf without you even knowing what
was sent. Or even knowing that you sent it.
-- George