IE Explorer不会停止渲染标签 [英] IE Explorer wont' stop rendering tags
问题描述
我很确定你们中的许多人在将文件识别为
为html时遇到了问题。现在我处于相反的位置。文本文件.txt文件,.kook
文件无论如何,IE6将尝试渲染任何看起来像标签的东西。
我已经做了一个页面带框架(为了羞耻)我已指定txt文件
作为src用于查看源。
NN7.1将显示框架中的文字。 IE不会。
我试过通过perl / web服务器弹出标题;我试过了
http-equiv;所以我去过那里。
< frameset rows =" 10%,*,25%" frameborder =" 1">
< frame src =" regh.html">
< frameset cols =" 50% *" frameborder =" 1">
< frame src =" file1.txt" name =" Frame2">
< frame src =" file2.txt" name =" Frame3">
< / frameset>
< frame src =" regbtm.html" name =" Regex Ctrl"
< / frameset>
Jon W写道:
我相信很多人在将文件识别为html时遇到了问题。现在我处于相反的位置。文本文件.txt文件,.kook
文件无论如何,IE6将尝试渲染任何看起来像标签的东西。
是的,IE是愚蠢的。
-
Toby A Inkster BSc(荣誉)ARCS
联系我〜 http://tobyinkster.co.uk/contact
正在播放〜./tracy_chapman/collection/ 11_wedding_song.ogg
blockquote>
Jon W skrev 2004-09-04 15:39:
我是确定你们许多人在将文件识别为html时遇到了问题。现在我处于相反的位置。文本文件.txt文件,.kook
文件无论如何,IE6将尝试渲染任何看起来像标签的东西。
我已经制作了一个带框架的页面(羞耻)和我为了查看源代码,已经指定txt文件作为src。
NN7.1将在框架中显示文本。 IE不会。
我试过通过perl / web服务器弹出标题;我试过了
http-equiv;所以我去过那里。
< frameset rows =" 10%,*,25%" frameborder =" 1">
< frame src =" regh.html">
< frameset cols =" 50%,*" frameborder =" 1">
< frame src =" file1.txt" name =" Frame2">
< frame src =" file2.txt" name =" Frame3">
< / frameset>
< frame src =" regbtm.html" name =" Regex Ctrl">
< / frameset>
正如Toby所说,IE是愚蠢的:-)
IE don不关心文件的扩展名是什么。它查看文件
并根据内容做出决定,并在此之后进行渲染。
这就是为什么IE始终存在安全风险。你可以发送
某人你命名为virus.txt的文件。即使它真的是一个
可执行文件和易受攻击的文件。 IE将其呈现为exe。当其他
浏览器将其渲染为无害的文本文件时。
-
/ Arne
Arne写道:
Jon W skrev 2004-09-04 15:39:
文本文件.txt文件,.kook文件无论如何,IE6将尝试渲染任何看起来像标签的东西。
IE不关心文件的扩展名是什么。
我们应该这么幸运。 IE不应该关心
文件的扩展名,因为文件扩展名仅与文件系统相关,IE是一个
的Web客户端,而不是服务器。请记住,url'没有文件扩展名。
这就是说,你错了:IE *确实*关心扩展名是什么。如果它b $ b无法通过嗅探内容来确定内容类型是什么,那么
会采用其他方式,包括通过处理字符串来猜测
作为文件扩展名在url之后出现。
它查看文件并根据内容
做出决定,并在之后呈现它。
好吧,有点儿。它首先查看*文档*的内容。注意
文件实际上不是文件,可能在服务器上。
这就是为什么IE总是存在安全风险的根本原因。您可以向某人发送一个名为virus.txt的文件。即使它真的是一个可执行的和易受攻击的文件。 IE将其呈现为exe。当其他浏览器将其呈现为无害的文本文件时。
IE存在安全风险,因为它忽略了mime类型而有利于它
自己的猜谜游戏。至少,它曾经猜过。在sp2中,内容嗅探需要一些步骤,但显然仍然使用文件
扩展名。猜测,违反规范。
-
Brian(删除.invalid给我发电子邮件)
http://www.tsmchughs.com/
I''m sure that many of you have had problems getting files recognized
as html. Now I''m in the reverse position. Text file .txt file, .kook
file whatever, IE6 will try and render anything that looks like a tag.
I''ve made a page with frames (for shame) and I''ve specified txt files
as the src for the purpose of viewing the source.
NN7.1 will display text in the frames. IE will not.
I''ve tried poping headers through perl/web server; I''ve tried
http-equiv; so I''ve been there.
<frameset rows="10%,*,25%" frameborder="1">
<frame src="regh.html">
<frameset cols="50%,*" frameborder="1">
<frame src="file1.txt" name="Frame2">
<frame src="file2.txt" name="Frame3">
</frameset>
<frame src="regbtm.html" name="Regex Ctrl">
</frameset>解决方案Jon W wrote:
I''m sure that many of you have had problems getting files recognized
as html. Now I''m in the reverse position. Text file .txt file, .kook
file whatever, IE6 will try and render anything that looks like a tag.
Yes, IE is stupid.
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Now Playing ~ ./tracy_chapman/collection/11_wedding_song.ogg
Jon W skrev 2004-09-04 15:39:
I''m sure that many of you have had problems getting files recognized
as html. Now I''m in the reverse position. Text file .txt file, .kook
file whatever, IE6 will try and render anything that looks like a tag.
I''ve made a page with frames (for shame) and I''ve specified txt files
as the src for the purpose of viewing the source.
NN7.1 will display text in the frames. IE will not.
I''ve tried poping headers through perl/web server; I''ve tried
http-equiv; so I''ve been there.
<frameset rows="10%,*,25%" frameborder="1">
<frame src="regh.html">
<frameset cols="50%,*" frameborder="1">
<frame src="file1.txt" name="Frame2">
<frame src="file2.txt" name="Frame3">
</frameset>
<frame src="regbtm.html" name="Regex Ctrl">
</frameset>
As Toby said, IE is stupid :-)
IE don''t care what the extension is for a file. It looks in to the file
and makes the decision from what the content is, and render it after that.
That''s the basic reason why IE always is a security risk. You can send
somebody a file that you named "virus.txt" even if it realy is a
executable and vulnerable file. IE will render it as "exe" when other
browsers render it as a harmless text file.
--
/Arne
Arne wrote:
Jon W skrev 2004-09-04 15:39:Text file .txt file, .kook file whatever, IE6 will try and render
anything that looks like a tag.
IE don''t care what the extension is for a file.
We should be so lucky. IE shouldn''t care what the extension is on the
file, since file extension is only relevant on a filesystem, and IE is a
web client, not a server. Remember that url''s have no file extension.
That said, you''re wrong: IE *does* care what the extension is. If it
cannot determine what the content type is by sniffing the content, it
resorts to other means, including guessing by treating the string that
comes after the period in a url as a file extension.
It looks in to the file and makes the decision from what the content
is, and render it after that.
Well, sort of. It first looks at the contents of the *document*. Note
that a document is not really a file except, maybe, on the server.
That''s the basic reason why IE always is a security risk. You can
send somebody a file that you named "virus.txt" even if it realy is a
executable and vulnerable file. IE will render it as "exe" when
other browsers render it as a harmless text file.
IE is a security risk because it ignores the mime type in favor of its
own guessing game. At least, it used to guess. In sp2, it takes some
steps away from content sniffing, but apparently still uses "file
extension" to guess, in violation of the spec.
--
Brian (remove ".invalid" to email me)
http://www.tsmchughs.com/
这篇关于IE Explorer不会停止渲染标签的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
