[whatwg] "Content-Disposition" property for <a> tags
Dennis Joachimsthaler
dennis at efjot.de
Thu May 26 13:40:40 PDT 2011
Am 26.05.2011, 22:33 Uhr, schrieb Boris Zbarsky <bzbarsky at mit.edu>:
> On 5/26/11 3:12 PM, Dennis Joachimsthaler wrote:
>> Oh I see the problem... Is it the bang? #!/bin/perl #!/bin/python
>> #!/bin/bash
>> could very well result in the text file being executed in one of those
>> interpreters,
>> right?
>
> Yes, but even worse on some systems a .pl file will just handed over to
> the registered handler for those (often a Perl interpreter) if you try
> to "open" it (which is a different operation from "execute" and can be
> done even on files that are not executable; think double-clicking the
> file in a file manager).
>
> -Boris
Ah, I see. So the people using the GUI are in the gutter? Which are
also the people that are inexperienced and would be prone to such attacks.
Damn.
Though I think it still would happen rarely that a pl file gets downloaded.
I mean who on the most popular system, Windows, has a Perl interpreter
installed?
- Dennis Joachimsthaler
More information about the whatwg
mailing list