[Full-disclosure] abnormal behavior Gmail logon

[oscar.fajardo at ya.com (Oscar Fajardo)]

Because "loading.html" is the first HTML page you request via browser when 
you log to gmail:

GET /mail?gxlu=blah&zx=blah HTTP/1.1
POST /accounts/ServiceLoginAuth HTTP/1.1
GET 
/accounts/CheckCookie?continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3F&service=mail&chtml=LoginDoneHtml 
HTTP/1.1
GET /mail/?auth=blah HTTP/1.1
GET /mail/?view=page&name=browser&ver=blah HTTP/1.1
GET /mail/?view=page&name=loading&ver=blah HTTP/1.1
GET /favicon.ico HTTP/1.1
GET /mail/?view=page&name=js&ver=3ee190b6dcef2cf0 HTTP/1.1

******** GET /mail/html/es/loading.html HTTP/1.1

  I suppose that if he tries to get http://somehost/somepage.html the 
behaviour will be the same.

  Regards.

----- Original Message ----- 
From: "Brian Eaton" <eaton.lists@xxxxxxxxx>
To: "Oscar Fajardo Sanchez" <oscar.fajardo@xxxxxxxxxxxxxx>
Cc: <full-disclosure@xxxxxxxxxxxxxxxxx>; <Valdis.Kletnieks@xxxxxx>
Sent: Tuesday, May 30, 2006 10:06 PM
Subject: Re: [Full-disclosure] abnormal behavior Gmail logon


> On 5/30/06, Oscar Fajardo Sanchez <oscar.fajardo@xxxxxxxxxxxxxx> wrote:
>>
>>   Take a look at:
>>
>>    HKEY_CURRENT_USER\Software\Classes\.htm
>>
>>   You will see "FirefoxHTML" **if firefox is your default browser**. The 
>> server is
>> just sending a html file, which, according to the registry of the client 
>> machine,
>> has to be rendered by "firefox.exe"
>
> Any idea why the OP isn't seeing this happen on every web page?
>
> - Brian
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>