[lug] Web crawler advice

Bear Giles bgiles at coyotesong.com
Tue May 6 06:56:27 MDT 2008

Nate Duehr wrote:
> On May 5, 2008, at 10:54 PM, Bear Giles wrote:
>> If you want to be eviiiil, join us on the j2ee bench. You have full 
>> control of the network connection.
> (Snicker)... those were fun.  I like your style.  A mix of "lab 
> tester" mentality (hmm, what bounds did the programmer forget to think 
> about) and a little "Red Green Show" common sense in there with it.  
> Duct tape fixes everything!
> Kinda "proves" that web browsers are still pretty "stupid" (versus 
> "intelligent") after all these years, don't it?  :-)
This morning it occurred to me that google lives forever and I should be 
clear that I'm not actually suggesting anyone do this.  As you picked up 
I'm just pointing out the flip side of the error handling that everyone 
should be doing, but few people actually do.

(I take the Fifth on how many I've done accidently.)

The one that still blows my mind is the reported exploit where an <img> 
gets a -javascript- object back and executes it!  The JS can do nasty 
stuff before loading the image after itself.  How many people would 
think to look for malicious js code coming from an <img> tag?

More information about the LUG mailing list