Modern mail clients don't send mail immediately in response to mailto forms. They usually bring up a mail composition window, letting you inspect or modify the message before sending it.
Summary: Cursor movement on Web Page starts other programs (Email Client) → Cursor movement on Web Page starts Email Client
-> invalid The page intends to demonstrate an old security flaw in Netscape, which doesn't apply to us.
Severity: major → normal
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Component: Web Site → General
Resolution: --- → INVALID
*** Bug 294453 has been marked as a duplicate of this bug. ***
(In reply to comments #1 and #2) >Modern mail clients don't send mail immediately in response to mailto forms. >They usually bring up a mail composition window, letting you inspect or modify >the message before sending it. Yes thats how they're supposed to work, it should just display a blank message and not send anything. When I tested it, Thunderbird opened up a blank composition window but didnt send anything, so just to make sure, I switched the default to Outlook Express and it did manage to somehow send a blank message to the mailto link in the script. It may be because of my settings in Thunderbird that it didnt send the message but I can't be too sure. > -> invalid > The page intends to demonstrate an old security flaw in Netscape, which >doesn't apply to us. I partially disagree. Yes, it was originally a flaw in Netscape and that is exactly what that page was meant to demonstrate, im not arguing that at all. But, and correct me if I am wrong, I was/am under the assertion that any vulnerability most certainly applies to us if it can be exploited on a non-netscape Mozilla build, which is firefox in this case.
You need to log in before you can comment on or make changes to this bug.