WebApp Sec mailing list archives
RE: Phishing
From: Adam Lydick <lydickaw () ruffledpenguin org>
Date: Fri, 14 May 2004 19:20:09 -0700
I certainly agree with that. It is mostly significant because that misfeature can be removed without violating explicit standards. I believe a recent update to internet explorer does remove this capability from http links. On Fri, 2004-05-14 at 12:05 +0100, Griffiths, Ian wrote:
I wasn't aware of this Adam. It is certainly supported in enough browser to be significant. Ian -----Original Message----- From: Adam Lydick [mailto:lydickaw () ruffledpenguin org] Sent: Fri 14/05/2004 05:55 To: Griffiths, Ian Cc: webappsec () securityfocus com Subject: RE: Phishing while the generic description of URLs in an earlier RFC allows for "user@", the use of it is on a protocol-by-protocol basis and HTTP urls do not permit its use.)
Current thread:
- Re: Phishing, (continued)
- Re: Phishing Rogan Dawes (May 13)
- RE: Phishing Adam Lydick (May 14)
- Re: Phishing E.Kellinis (May 15)
- RE: Phishing Griffiths, Ian (May 13)
- RE: Phishing Griffiths, Ian (May 13)
- RE: Phishing Michael Silk (May 13)
- Re: Phishing Amit Sharma (May 13)
- Re: Phishing Amit Sharma (May 13)
- RE: Phishing Pete Simpson (May 13)
- RE: Phishing Griffiths, Ian (May 14)
- RE: Phishing Adam Lydick (May 15)
- RE: Phishing Damon McMahon (May 15)