[Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity

[Heikki Toivonen]

Jim Race wrote:
>>> http://petard.freeshell.org/ms-announce.html
> Check that. With Moz 1.5:
> 
> Opening in a new *TAB* takes one to MS. Clicking the link takes one to 
> /. with "http://www.microsoft.com%01@slashdot.org/" in the address bar.

That is because the href points to MS, and that is what we will use for 
opening a link in a new tab. The Slashdot link will be followed in case 
of a click event (context menu or middle-click won't therefore activate it).

-- 
   Heikki Toivonen