META risk??

From: Jim Rosenberg (
Date: Mon 07 May 2001 - 14:29:14 UTC

  • Next message: Brian Schonecker: "Majordomo and Sanitizer"

    I am a new user of anomy, and so far am very happy with it.

    I'm curious to know what the risk is from allowing the HTML tag META
    to go through without defanging. I'm finding that nearly all HTML
    E-mail messages our users send are being defanged -- exclusively
    because of the META tag. The only problem with this is that they
    will get used to seeing the sanitizer.log attachment so often, they
    will never look at it. I guess there's no harm in that, but it would
    be nice if that showed up only when there really was something that
    needed defanged, like Javascript or some such.

    This may sound naive, but what nasty things are being stuffed into

    #include <disclaimer.h>
    Jim Rosenberg
    Ross Mould
    259 S. College St.
    Washington, PA  15301
    (724) 222-7006 x 189

    hosted by