Re: Absurd Microsoft QA? The Return of the "username@password"...

[Kevin Sullivan <krs () c3group net>]

>* Here's the final straw…  On February 10, 2004…  Microsoft released
> a patch that…  restores the "username@password:" functionality in URL
>references!
> * It seems they are trying to hide this fact as this is not
>widely publicized and it is NOT being labeled as an IE patch nor a even
>a security patch!

Probably because it is NOT a security patch, nor does it restore the
embedded-credentials functionality. It addresses the specific problem
(created by the 04 patch )of not being able to pass user credentials in
an XML Open() call.

From the M$ article:
"This fix will only enable the scenario where user credentials are passed as
parameters in the Open() method call. It will not enable scenarios where
the user credentials are embedded in the URL."


Ks 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html