[ic] example of bad web programming

Doug Alcorn interchange-users@lists.akopia.com
Thu May 31 18:19:01 2001


This isn't exactly on topic, but was so funny I had to put up a link
somewhere. :)

https://online.bankone.com/bank/bolLogin.asp?bolErrorMsgStr=This+is+Stupid+I+Think

This is a legitimate web site.  It is actually bankone.com.  The
foible is that they allow an arbitrary text message to be put in the
URL.  I don't think there's any real way to exploit this, per se.
However, it just stinks to me as bad design.

As an aside, I wonder if there's a way to force a buffer overflow
with this?
-- 
 (__) Doug Alcorn (mailto:doug@lathi.net http://www.lathi.net)
 oo / PGP 02B3 1E26 BCF2 9AAF 93F1  61D7 450C B264 3E63 D543
 |_/  If you're a capitalist and you have the best goods and they're
      free, you don't have to proselytize, you just have to wait.
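
Added example, not part of the original post and not the bank's code: a Python sketch of the pattern described above (the page prints whatever text arrives in bolErrorMsgStr, so anyone who builds a link chooses the wording shown on the real site) beside a form where the URL carries only an error code and the wording stays on the server. The host name, the `err` parameter, the message table and the function names are assumptions made for illustration.

```python
from html import escape
from urllib.parse import urlsplit, parse_qs

# Fixed catalogue of messages the login page may show (constructed sample).
ERROR_MESSAGES = {
    "E01": "The user ID or password you entered is incorrect.",
    "E02": "Your session has timed out. Please log in again.",
}
DEFAULT_MESSAGE = "An error occurred. Please try again."


def _param(url, name):
    """Return the first value of a query parameter, or None if absent."""
    values = parse_qs(urlsplit(url).query).get(name)
    return values[0] if values else None


def render_echo(url):
    """Pattern from the post: the page text is taken straight from the URL."""
    msg = _param(url, "bolErrorMsgStr") or ""
    return '<p class="error">' + msg + "</p>"


def render_lookup(url):
    """Corrected form: the URL names a code, the server owns the wording."""
    code = _param(url, "err")  # hypothetical parameter name
    if code is None:
        return ""  # nothing to report
    # Unknown codes fall back to a generic message; request text is never shown.
    msg = ERROR_MESSAGES.get(code, DEFAULT_MESSAGE)
    # Escape on output as well, so a later catalogue edit cannot add markup.
    return '<p class="error">' + escape(msg) + "</p>"


if __name__ == "__main__":
    base = "https://bank.example.test/bolLogin.asp"  # constructed host
    print(render_echo(base + "?bolErrorMsgStr=This+is+Stupid+I+Think"))
    print(render_lookup(base + "?err=E02"))
    print(render_lookup(base + "?err=This+is+Stupid+I+Think"))
```
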