05-02-04

anti spoofing javascripts

De twee technieken tegen spoofing
The first workaround follows:
When the user has open in their browser a website which appears to have a correct URL but where the authenticity of the content is in question, paste the following javascript URL into the location bar of the document:
javascript:alert("Actual URL address: " + location.protocol + "//" + location.hostname + "/");
This fuction will output the originating hostname of the content in question. If what is presented in the alert box differs from what is in the address bar, the content may be spoofed and should not be trusted (i.e. forms should not be completed and submitted, links should not be followed and files should not be downloaded from the page).
The following Javascript URL is a variation of the previous and will display both URLs for comparison at once:
javascript:alert("The real URL is: " + location.protocol + "//" + location.hostname + "/" + "nThe address URL is: " + location.href + "n" + "If the server names do not match, this may be a spoof.");
The second workaround involves using the History Explorer Bar. In the "View" menu, select "Explorer Bar" and then select "History". This should open a pane that displays recently visited URLs. Placing the mouse pointer over an entry in the Explorer Bar History will display the associated URL for that entry. Review those URLs to make sure they are correct and that the entry for the site being visited matches what is presented in the address bar. If they do not, the content may be spoofed and should not be trusted.
of gewoon de patches installeren
ekz

23:08 Gepost door technology changes fast not a lot | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.