[Adium-devl] Filtering messages
John Bailey
rekkanoryo at rekkanoryo.org
Thu Dec 27 05:37:06 UTC 2007
Ryan Govostes wrote:
> Is it me, or is AIM filtering <script> (the HTML script tag) ? A
> friend and I went back and forth arguing over whether or not one of us
> sent a message for several minutes, only to realize that his use of
> angled brackets for "insert something here" was being processed as a
> potential attack against poorly written clients.
I would not be surprised in the least if the AIM servers have started filtering
the script tag. I read recently that there have been cross-site scripting
vulnerabilities in the official AIM clients for Windows, and that the patched
clients did not completely fix the problem. So it seems to me that this is
within the realm of possible "solutions" AOL came up with.
Keep in mind, I have no idea if this is the case; it just seems likely to me.
John
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20071227/2ed4c470/attachment.sig>
More information about the devel
mailing list