Latest IE patch breaking non username:password at encoded websites?
Suresh Ramasubramanian
suresh at outblaze.com
Tue Feb 3 17:40:08 UTC 2004
Herman Harless [2/3/2004 10:56 PM] :
> We're starting to take complaints from folks who have installed the
> latest IE patch about various broken website functionality. The
> complaints are not related to folks trying to use the username:password@
> functionality that was removed by the patch.
>
> Is anyone taking similar calls / seeing similar issues?
Yup - that is a "feature" supposed to avoid credit card phish sites that
try to spoof ebay with billing.ebay.com at some.evil.server/billing etc
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
More information about the NANOG
mailing list