Latest IE patch breaking non username:password at encoded websites?

• Previous message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Next message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

So, instead of changing 'visialization' part of IE, MS give up and decided
to drop important piece of standard?
Ok, you can always show HOST name in URL, dim user name, and position
location so that you can see real host. You can show a warning, if user name
looks like real domain name (have . inside and have 2 - 4 chars in last
piece of name), etc etc...




>
> Herman Harless  [2/3/2004 10:56 PM] :
> > We're starting to take complaints from folks who have installed the
> > latest IE patch about various broken website functionality.  The
> > complaints are not related to folks trying to use the username:password@
> > functionality that was removed by the patch.
> >
> > Is anyone taking similar calls / seeing similar issues?
>
> Yup - that is a "feature" supposed to avoid credit card phish sites that
>   try to spoof ebay with billing.ebay.com at some.evil.server/billing etc
>
> -- 
> srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
> manager, outblaze.com security and antispam operations

• Previous message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Next message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]