[<prev] [next>] [day] [month] [year] [list]
Message-ID: <449A669B.30703@iku-ag.de>
Date: Thu, 22 Jun 2006 11:44:59 +0200
From: Kurt Huwig <k.huwig@...-ag.de>
To: imipak <imipak@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Bypassing of web filters by using ASCII
imipak schrieb:
> Hmmm, I just noticed Firefox's Accept-Charset header doesn't include
> ASCII. Does the HTTP spec say that ASCII is the default charset?
No, it's ISO-8859-1. According to
http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-035.pdf
Page 27 (37):
"11.2 Transformation from 7-bit to 8-bit codes
Within a CC-data-element any 7-bit combination has an equivalent 8-bit
form comprising b7 to b1 of the 7-bit form, together with a b8 of ZERO."
the MSB must be set to 0. The folks at Mozilla say it is evangelism for
some broken AOL pages, but then I ask why evangelism, when it does not
work with IE?
--
Mit freundlichen Grüßen
Kurt Huwig iKu Systemhaus AG http://www.iku-ag.de/
Vorstand Am Römerkastell 4 Telefon 0681/96751-0
66121 Saarbrücken Telefax 0681/96751-66
GnuPG 1024D/99DD9468 64B1 0C5B 82BC E16E 8940 EB6D 4C32 F908 99DD 9468
Download attachment "signature.asc" of type "application/pgp-signature" (255 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists