The Lurker

Latest posts | Archive

posted by ajf on 2003-04-14 at 10:19 am

Safely embedding one HTML document in another isn't easy.

Normally, at the bottom of a reasonably long message, Hotmail displays these buttons and links (with my mouse hovering over the Delete button):

Hotmail's Reply, Reply All, Forward, and Delete buttons, and Next, Previous and Close links

But one piece of HTML email I looked at this morning caused this (again with the mouse pointer over the Delete button):

Hotmail's Reply, Reply All, Forward, and Delete buttons, and Next, Previous and Close links; this time the four links and the word "Delete" are orange

It appears that the style rules used by the HTML email have "leaked" out to affect the Hotmail web page itself. What Hotmail should be doing, I suppose, is rewriting the email's style rules so that they are only applied to the email and not the Hotmail page around it, but that would probably be painful and error-prone. Even so, you could accidentally or intentionally make a real mess out of the Hotmail page if you exploited this; it might be possible, for example, to make the Delete button disappear.

Related topics: Web

All timestamps are Melbourne time.