Latest IE patch breaking non username:password at encoded websites?

• Previous message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Next message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 3 Feb 2004, Jeff Workman wrote:

> My guess is that too many people were getting burned by URLs like this:
>
> http://www.microsoft.com@%77%77%77%2E%70%69%6D%70%77%6F%72%6B%73%2E%6F%72%67
>
> -Jeff

Right but the bug wasn't basic auth in a URL it was that the %01 character
stopped Outlook and IE from displaying the rest of the URL, so
http://www.ebay.com%[email protected]/  would show just "www.ebay.com" in
both outlook and the URL bar.

The problem isn't the auth but the masking ability of the escaped
characters.

Oh well, one more standard "Embraced and Extended" by the beast....

-S


-- 
Scott Call	Router Geek, ATGi, home of $6.95 Prime Rib
I make the world a better place, I boycott Wal-Mart
VoIP incoming: +1 360-382-1814

• Previous message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Next message (by thread): Latest IE patch breaking non username:password at encoded websites?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]