Jargons of Info Tech industry
Mike Meyer
mwm at mired.org
Fri Aug 26 20:40:49 EDT 2005
gordonb.vu2n4 at burditt.org (Gordon Burditt) writes:
>>HTML is designed to degrade gracefully (never mind that most web
>>authors and many browser developers don't seem to comprehend this), so
>>you don't really need a "subset" html to get the safety features you
>>want. All you need to do is disable the appropriate features in the
>>HTML renderer in your news and mail readers. JavaScript, Java, and any
>>form of object embedding. Oh yeah, and frames.
>
> And links. And cookies. And any kind of external site or local
> file access. And browser history.
That depends on whether you're trying to keep an HTML message from
doing anything nasty (like revealing that you read it) when you render
it, or to make sure it *never* does anything nasty, no matter what you
do with the message.
If all you want is the former - which is what the OP asked for, and I
was replying to - then nothing on the list you gave is required. Some
of the things you list are a danger even without HTML; most modern
news/mail readers will follow links in flat ascii.
<mike
--
Mike Meyer <mwm at mired.org> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
More information about the Python-list
mailing list