Slashdot Mirror

← Back to Stories (view on slashdot.org)

Don't Hit That Back Button

Posted by ryuzaki0 on from the burn-your-bridges dept.

Saint Aardvark writes: "From the Bugtraq mailing list comes this warning: 'Using the Back Button in IE is dangerous'. When hitting the back button, javascript links will be executed in the security zone of the last url viewed. Proof-of-concept included in the warning will execute minesweeper or read your Google cookies."

2 of 640 comments (clear)

  1. Re:Java's been crashing IE of late by revscat · · Score: 1, Offtopic

    Java is insecure

    No, JavaScript implementations can be insecure, or VBScript can be insecure, but Java is very, very secure.*

    Methinks you are confusing JavaScript with Java. They're only related tangentially at best.

    * This being /. this point is, of course, infinitely debatable.

  2. Wow! I get to play minesweeper again! by Mustang+Matt · · Score: 1, Offtopic

    Rock and roll. I set a new record. I haven't played minesweeper since... win98SR1!

    --
    The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin