lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050826094000.1e3e3b48.gstewart@spamcop.net>
Date: Fri, 26 Aug 2005 09:40:00 +0200
From: Godwin Stewart <gstewart@...mcop.net>
To: Niels Bakker <niels-bugtraq@...ker.net>
Cc: bugtraq@...urityfocus.com, gillettdavid@...a.edu,
	boonstoppel@...il.com
Subject: Re: unload event in ie/mozilla/opera


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 25 Aug 2005 00:31:28 +0200, Niels Bakker <niels-bugtraq@...ker.net>
wrote:

> * gillettdavid@...a.edu (David Gillett) [Thu 25 Aug 2005, 00:02 CEST]:
> >  What's worse, some browsers interpret "close the browser" to trigger
> >the onunload() method, and that's just wrooong.
> 
> Not that wrong, the website author could want to clear a session cookie 
> or similar.

If it's a session cookie then it'll die automatically when the browser
closes down. No need to clear it.

There are many useful features of browsers (and other software - remember
when it used to be a kindness to leave an MTA as an open relay and
considered rude not to?) that have had to be deactivated because of abuse by
scum such as spammers. Firing up the onUnload event on window/browser
shutdown is one that should be added to that list IMO.

- -- 
G. Stewart - gstewart@...mcop.net

Maintainer's Motto:
        If we can't fix it, it ain't broke.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDDsdQK5oiGLo9AcYRAvQxAJ9YKaw2iCsoBrKtWbS5CbUg5k8yaACgkplF
Sexe+P8SsRj1qiNhDIdYll8=
=4lWX
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ