http://qs1969.pair.com?node_id=206859


in reply to Filtering potentially dangerous URI schemas in <a href="...">

Agreed. On a related note, I saw a report that some special URL type related to windows help could wipe your computer under XP (SP1 fixes this). Apparently an url with a winhelp specific schema could order the computer to write a file to any place you name on disk. Such as somewhere in the system directories... No, no link, and not confirmed. But wouldn't be surprised if it was true.

Only allowing the above (https?, ftp, mailto) would eliminate such as well.


You have moved into a dark place.
It is pitch black. You are likely to be eaten by a grue.