• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Sorry
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sorry

  • Subject: Re: Sorry
  • From: Dave Balderstone <email@hidden>
  • Date: Fri, 02 Jul 2004 10:21:19 -0600
As a matter of policy I do not click links that have been hidden by one of the redirect services. Period.

djb


On Jul 1, 2004, at 4:48 PM, Martin Orpen wrote:

on 1/7/04 7:41 pm, Charles Arthur at email@hidden wrote:

Hmm, very interesting. Doesn't auto-run. But one could imagine that you'd
only have to change the thing you had in the window to ".app" and it would.
(Might it?)

No.

This isn't some weird voodoo or malicious hack. The "applescript://" scheme
is described here:

http://www.apple.com/applescript/scripteditor/12.html

I saw it a couple of months back and thought it was interesting.

Today, I was experimenting with a couple of URL protocols and thought I'd
try to see if any of the URL redirection services would accept a URL with an
"applescript://" prefix.

My favourite service ShorterLink.com would not accept the URL as it adds
"http://"; to any urls that don't already include this.

The reason that it is my favourite redirection service is that it allows you
to see the destination URL before taking you there - which is important
nowadays.

My second favourite redirection service accepted the applescript:// prefix
without a problem.

Depending on your POV this could be a good or a bad thing - I think that is
pretty good because:

Being able to distribute scripts using short URLs that don't break in emails
or Usenet posts is a good thing.

Being able to distribute URLs without having to make up web pages and store
them on a web site that you have to pay for is another good thing.


Faintly scary. I thought it was just the Windows users who were meant to
get things popping up on their machine when they clicked a link.

The fact that it opens script editor may be a bit shocking, but it can't
compile or run the script.

And as for popping stuff up when you click a link, you've been able to do
that ever since the file:// scheme was introduced - here are a couple I
prepared earlier...

This should resolve to 127.0.0.1:

http://tinyurl.com/30j9

This should open a Finder window at /var/log and highlight the system.log
file:

http://tinyurl.com/3885n

This one will tell you that your machine has been hacked and show the
contents of your hostconfig file:

http://www.tristimulus.co.uk/hackIt/

It's bullshit of course, but you can easily get local data into a browser
frame using local URLs like that.

Regards

--
Martin Orpen
Idea Digital Imaging Ltd -- The Image Specialists
http://www.idea-digital.com
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.

  • Follow-Ups:
    • Re: Sorry
      • From: Graff <email@hidden>
References: 
 >Re: Sorry (From: Martin Orpen <email@hidden>)

  • Prev by Date: Re: Server side AppleScript but not with FMP7
  • Next by Date: Re: How to Test for a file ...
  • Previous by thread: Re: Sorry
  • Next by thread: Re: Sorry
  • Index(es):
    • Date
    • Thread