HXXP browser protocol

Landon Stewart lstewart at superb.net
Thu Sep 13 21:21:22 UTC 2012

On 13 September 2012 09:38, Sean Harlow <sean at seanharlow.info> wrote:

> Using "hxxp" is a common method to prevent auto-linking by various
> email/IM clients and/or forum software to then require the user to actively
> copy/paste the URL to get the content.
> In the case of a security alert, I could see it being used if the
> destination is in fact an example of an attack site to prevent someone from
> inadvertently clicking the link and getting infected.

All true and commonly used but it's worth mentioning that putting a space
before the *dot TLD* is a better way to prevent auto linking in email/IM
clients since most of them detect the formation URLs by other means rather
than rely on the exitence of http://.

Landon Stewart <LStewart at Superb.Net>
Sr. Administrator
Systems Engineering
Superb Internet Corp - 888-354-6128 x 4199
Web hosting and more "Ahead of the Rest": http://www.superbhosting.net

More information about the NANOG mailing list