Latest IE patch breaking non username:password at encoded websites?
Scott Call
scall at devolution.com
Tue Feb 3 18:31:16 UTC 2004
On Tue, 3 Feb 2004, Jeff Workman wrote:
> My guess is that too many people were getting burned by URLs like this:
>
> http://www.microsoft.com@%77%77%77%2E%70%69%6D%70%77%6F%72%6B%73%2E%6F%72%67
>
> -Jeff
Right but the bug wasn't basic auth in a URL it was that the %01 character
stopped Outlook and IE from displaying the rest of the URL, so
http://www.ebay.com%[email protected]/ would show just "www.ebay.com" in
both outlook and the URL bar.
The problem isn't the auth but the masking ability of the escaped
characters.
Oh well, one more standard "Embraced and Extended" by the beast....
-S
--
Scott Call Router Geek, ATGi, home of $6.95 Prime Rib
I make the world a better place, I boycott Wal-Mart
VoIP incoming: +1 360-382-1814
More information about the NANOG
mailing list