nanog mailing list archives
Re: Latest IE patch breaking non username:password@encoded websites?
From: Scott Call <scall () devolution com>
Date: Tue, 3 Feb 2004 10:31:16 -0800 (PST)
On Tue, 3 Feb 2004, Jeff Workman wrote:
My guess is that too many people were getting burned by URLs like this: http://www.microsoft.com@%77%77%77%2E%70%69%6D%70%77%6F%72%6B%73%2E%6F%72%67 -Jeff
Right but the bug wasn't basic auth in a URL it was that the %01 character stopped Outlook and IE from displaying the rest of the URL, so http://www.ebay.com%01 () boogeyman gov/ would show just "www.ebay.com" in both outlook and the URL bar. The problem isn't the auth but the masking ability of the escaped characters. Oh well, one more standard "Embraced and Extended" by the beast.... -S -- Scott Call Router Geek, ATGi, home of $6.95 Prime Rib I make the world a better place, I boycott Wal-Mart VoIP incoming: +1 360-382-1814
Current thread:
- Latest IE patch breaking non username:password@encoded websites? Herman Harless (Feb 03)
- RE: Latest IE patch breaking non username:password@encoded websites? Bob German (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Bryan Heitman (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Jeff Workman (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Scott Call (Feb 03)
- RE: Latest IE patch breaking non username:password@encoded websites? David Schwartz (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Jeff Workman (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Suresh Ramasubramanian (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Alexei Roudnev (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Duane Wessels (Feb 03)
- Re: Latest IE patch breaking non username:password@encoded websites? Alexei Roudnev (Feb 03)