anomy-list

Announcing sanitizer.pl, revision 1.54

From: Bjarni R. Einarsson (52855@xyz.molar.is)
Date: Wed 18 Sep 2002 - 11:26:39 GMT

Next message: Andrew: "Re: Announcing sanitizer.pl, revision 1.54"

Previous message: Jon Gabrielson: "open source antivirus programs."
Next in thread: Andrew: "Re: Announcing sanitizer.pl, revision 1.54"
Reply: Andrew: "Re: Announcing sanitizer.pl, revision 1.54"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

When it rains it pours. :-)

I've released a rather minor update to the Sanitizer:
http://mailtools.anomy.net/.

The only change this time is within the HTML cleaner (which has been
updated to revision 1.17), adding protection against the hcp://
protocol exploit discussed here:

http://online.securityfocus.com/archive/1/287482/2002-08-15/2002-08-21/0

When adding this I realized that there may be quite a few other
protocols I should be blocking, so any feedback on what protocols
you feel should be allowed in or banned from HTML src= and href=
attributes would be most welcome.

-- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 52855@xyz.molar.is -><- http://bre.klaki.net/

Check out my open-source email sanitizer: http://mailtools.anomy.net/ Spammers, please send plenty of email to: 52938@xyz.molar.is

Next message: Andrew: "Re: Announcing sanitizer.pl, revision 1.54"
Previous message: Jon Gabrielson: "open source antivirus programs."
Next in thread: Andrew: "Re: Announcing sanitizer.pl, revision 1.54"
Reply: Andrew: "Re: Announcing sanitizer.pl, revision 1.54"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

hosted by molar.is