Re: Stealth cookies
At 12:10 AM 8/6/96 -0700, you wrote:
John F. Fricker wrote:
Solution?
1) Don't put your name in the netscape configuration (d'oh)
No, no, no. Netscape navigator does not reveal your name or put it into cookies. The only way to get your name or other personal information about you into a cookie is for you to type it into a web site, and have that site send you back a cookie.
The only time we reveal your name is in e-mail headers, and when doing anonymous FTP when you have manually disabled the default of sending 'mozilla@' as the anon ftp password.
--Jeff
Oh I was just being paranoid I guess. There used to be JavaScript that would automatically send email from a page. something like <html> <body onLoad="document.mailme.submit()"> <form method=post name="mailme" action="mailto:john@vertexgroup.com?subject=user address"> <input type=hidden name="userAddress" value="done"> </form> </body> </html> But even if that still works it would be a good trick to associate it with a cookie.
John F. Fricker wrote:
Oh I was just being paranoid I guess. There used to be JavaScript that would automatically send email from a page. something like
<html> <body onLoad="document.mailme.submit()"> <form method=post name="mailme" action="mailto:john@vertexgroup.com?subject=user address"> <input type=hidden name="userAddress" value="done"> </form> </body> </html>
But even if that still works it would be a good trick to associate it with a cookie.
This was a bug that existed for a short time, and was fixed about 6 months ago. Javascript can not submit mailto: forms at all, and all mailto: forms now cause a warning dialog to come up(the dialog can be turned off in preferences). --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.
participants (2)
-
Jeff Weinstein -
jfricker@vertexgroup.com