Re: blocking web pages based on content

From: Tilman Schmidt <Tilman.Schmidt@dont-contact.us>
Date: Wed, 01 Dec 1999 09:43:42 +0100

At 10:15 01.12.99 +0200, Panagiotis Malakoudis wrote:
>I believe that the only way to do that is by blocking java. Sites that open
>other sites when you click on the close button use Java to do that.

This is incorrect. JavaScript, not Java, is used to achieve that
sort of effect. JavaScript is quite different from Java. You could
possibly block Java applets with Squid, because they are transferred
as separate files with a distinct MIME type, but that would not help
you with the problem of pages opening other pages.

JavaScript, on the other hand, is embedded in the page itself,
and Squid has no means to strip it out.

My best advice would be to educate your users to switch off
JavaScript in their browsers because of its many security problems,
and nag any web operator whose site isn't usable without it. At
most, they should enable JavaScript on an individual basis for
accessing some trustworthy web site, and disable it again
afterwards.

Btw, the german information security authority (BSI) recommends
that every web site using JavaScript should offer an alternative
access working without it, for precisely that reason.

-- 
Tilman Schmidt          E-Mail: Tilman.Schmidt@sema.de (office)
Sema Group Koeln, Germany       tilman@schmidt.bn.uunet.de (private)
Received on Wed Dec 01 1999 - 01:57:11 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:40 MST