Comments on: IE7 javascript echo http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/ A tool for designers dealing with programmers dealing with designers... Thu, 20 Nov 2008 20:47:48 +0000 http://wordpress.org/?v=2.6.2 By: JD http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-297 JD Sat, 04 Aug 2007 20:14:17 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-297 it's been round and used for a long time *EDITED (Nice Try) lol* it’s been round and used for a long time *EDITED (Nice Try) lol*

]]> By: Gareth Heyes http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-296 Gareth Heyes Sat, 04 Aug 2007 10:34:58 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-296 Yeah I agree it's not a bug but it is quite interesting way to avoid filters as my example in comment 7. The : thing is quite interesting too because you can directly call a function in the url without using () again another thing to be aware of when developing html/javascript filters. Thanks everyone! Yeah I agree it’s not a bug but it is quite interesting way to avoid filters as my example in comment 7.

The : thing is quite interesting too because you can directly call a function in the url without using () again another thing to be aware of when developing html/javascript filters.

Thanks everyone!

]]> By: sirdarckcat http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-295 sirdarckcat Sat, 04 Aug 2007 07:39:32 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-295 Hi! I also think it's not a bug.. the javascript URI will output the response of the function to the document, it is the desired behaivor, and iin that I base JaSiLDBG (http://jasildbg.googlepages.com).. :P javascript:anything:thisfunctionsdoesntexist:''; The anything:something:whatever: think is because they are valid labels: http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Statements:label Greetz!! Hi!

I also think it’s not a bug.. the javascript URI will output the response of the function to the document, it is the desired behaivor, and iin that I base JaSiLDBG (http://jasildbg.googlepages.com)..

:P

javascript:anything:thisfunctionsdoesntexist:”;

The anything:something:whatever: think is because they are valid labels:

http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Statements:label

Greetz!!

]]> By: Christian Wenz http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-293 Christian Wenz Sat, 04 Aug 2007 00:25:41 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-293 aah, the link I wanted to post was this one: [a href="javas*removethis*cript:window.open(...)"] aah, the link I wanted to post was this one:

[a href="javas*removethis*cript:window.open(...)"]

]]> By: Christian Wenz http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-292 Christian Wenz Sat, 04 Aug 2007 00:24:45 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-292 many people stumble upon that when they try something like <a href="window.open(...)" rel="nofollow"> and get an output like [window object] instead. And as Stefan already said, all browsers do that (starting from Netscape 2) ;-) many people stumble upon that when they try something like and get an output like [window object] instead. And as Stefan already said, all browsers do that (starting from Netscape 2) ;-)

]]> By: Gareth Heyes http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-291 Gareth Heyes Fri, 03 Aug 2007 14:56:20 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-291 Hi Stefan I just thought IE7 and now it appears Firefox has some odd behavior. In that it allows you to directly insert html or javascript code through the url without document.write. I noticed it when I was testing the PHPIDS for code injection. I'm not sure if it is really a problem or not because you have to use javascript: anyway. Hi Stefan I just thought IE7 and now it appears Firefox has some odd behavior. In that it allows you to directly insert html or javascript code through the url without document.write.

I noticed it when I was testing the PHPIDS for code injection. I’m not sure if it is really a problem or not because you have to use javascript: anyway.

]]> By: Stefan Esser http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-290 Stefan Esser Fri, 03 Aug 2007 14:39:26 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-290 Ehmm I wonder what you are actually trying todo with your example. It seems for me to work in both IE7 and latest FF Ehmm I wonder what you are actually trying todo with your example.

It seems for me to work in both IE7 and latest FF

]]> By: Gareth Heyes http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-289 Gareth Heyes Fri, 03 Aug 2007 14:36:16 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-289 That link translates to:- javascript:'<script>alert(1)</script>' I know it's on the about:blank document but still I found it interesting. That link translates to:-
javascript:’<script>alert(1)</script>’

I know it’s on the about:blank document but still I found it interesting.

]]> By: Gareth Heyes http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-288 Gareth Heyes Fri, 03 Aug 2007 14:17:39 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-288 Ok pdp I believe you :) But hey look at what can do, good for avoiding filters:- <a href="javascript:document:alert:String.fromCharCode(60,115,99,114,105,112,116,62,97,108,101,114,116,40,49,41,60,47,115,99,114,105,112,116,62)" rel="nofollow">Test</a> Ok pdp I believe you :)

But hey look at what can do, good for avoiding filters:-
Test

]]> By: pdp http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-287 pdp Fri, 03 Aug 2007 13:35:00 +0000 http://www.thespanner.co.uk/2007/08/03/ie7-javascript-echo/#comment-287 nope :) it is not a bug. as I said the content will be rendered as html. You are still in about:blank! I think that I discussed thihs somewhere on GC. nope :) it is not a bug. as I said the content will be rendered as html. You are still in about:blank! I think that I discussed thihs somewhere on GC.

]]>