I was wondering if an ePUB file could be embedded with malicious script since this is a well known vulnerability of Adobe’s pdf files. A quick Google search linked to a forum where someone had asked the same question.

So it turns out ePUB is just a bunch of html and css files! What?!

Then I came across this article from Smashing Magazine. And yup it is just a bunch of html and css files.

Not only that, it is just as easily editable!

At this point if you want to play a trick on someone, let your imagination go wild. Just open up your favorite text editor and get started! The Smashing Magazine article gives a great rundown on how to edit ePUB files.

So, good news - it doesn’t seem like someone can embed malicious scripts.

Even better news - if you know the basics of html and css you can have some fun times =).

It was cool to stumble upon this. Sometimes when you’re at the point where (for the safety of your computer) you don’t want to see another arcane CSS quirk, it’s great to know that the usefulness of said CSS/HTML/XML is not just restricted to web development.