

Ask HN: Do you use MOTW (Mark of the Web)? - ez77

Please refer to:<p><pre><code>  http://msdn.microsoft.com/en-us/library/ms537628(VS.85).aspx

  http://www.helpstuff.com/motw.html
</code></pre>
Do you use this stuff? The creepy thing is that I somehow saw this "injected" in my very trivial static site (using nginx). Is it possible that nginx may have added this? Do you think this MOTW is useful at all?<p>Answers to any of these questions will be appreciated! Thanks.<p>PS: Why aren't my links clickable? =S
======
lfborjas
That "injection" was probably done by internet explorer, as stated in the
first sentence of that msdn site. I don't have IE, so can't give you a certain
answer. Check your site in another browser to see if that motw isn't there. I
bet it won't be.

~~~
ez77
It's puzzling me beyond belief. I first saw, of all things, using netcat! I
don't use IE... but that showed up there. Now I'm a level-1 rookie, and I know
my VPS security settings are very lax (e.g., I use root all the time), so I
could only understand it with a benign intruder. Beats me...

~~~
lfborjas
Well, sounds like you got some `chown` to do...

Some security considerations can't be overlooked, granted; but don't fret, it
was possibly put there client side(One might even hypothesise that a WYSIWYG
editor put it there by default, but I deem you would have seen that). Just
give the url to someone and ask them if it appears in the source. If it does,
delete it and see if appears again. If it does, then do get paranoid with
security, I guess.

------
fragmede
> Urls become links, except in the text field of a submission.

<http://news.ycombinator.com/formatdoc>

------
ez77
IMPORTANT UPDATE: I now realize this happened when I saved to disk my webpage
_using Chrome_ (!!!!). Frankly I thought Chrome would never do this, along
prodigal_erik's lines. It looks like IE is not the only one that isn't bit-
for-bit faithful...

------
ScottWhigham
Never heard of it...

