Vulnerability Development mailing list archives

Re: IE bug (?)


From: Ian Kayne <Ian.Kayne () SOFTLAB CO UK>
Date: Tue, 6 Feb 2001 09:38:53 -0000

I've checked this out, and noticed the following things:

1. Inserting anything between the %00 and the +- makes no change
2. Inserting a "\" anywhere after the %00 automatically converts it to a
"/", which is strange because using a "\" in place of a "/" in normal usage
works fine, with no conversion 
(http://www.microsoft.com\windows\default.asp)
3. Regardless of the string used (eg: ..../%00+-/thisdoesntexist.htm),
everything after the final "/" is replaced with the default domain page.
However even when the "correct" url is appended, IE still sits in a loop.
4. You do not require the +- to create this fault:
http://www.microsoft.com/%00/ms.htm  produces the same result
5. "/" seems to delimit the %00 in some way - if it is not surrounded by "/"
or "\"'s, the fault does not appear.
6. The fault only occurs when using a valid domain name on IIS. So IIS must
have some hand in this - possibly the way it translates the bad url,
returning another bad url to IE?

Tested on IE5

Another Unicode problem? Strange behaviour at least...

Ian Kayne
Technical Specialist - IT Solutions
Softlab Ltd - A BMW Company


-----Original Message-----
From: Sardañons, Eliel [mailto:Eliel.Sardanons () PHILIPS EDU AR]
Sent: 05 February 2001 18:08
Subject: IE bug (?)


http://www.farmaciastodas.com.ar/%00+-/
http://www.microsoft.com/%00+-/

"%00+-/" I have been trying to know the nature of this bug, but I couldn't
find anything ... I think (I'm sure) that this is an IE bug, but it doesn't
work in all the http servers, I have seen that it only works in IIS and, only
sometimes.

If you can help me. Thanks.

Eliel C. Sardañons




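Added example, not part of the original posts: a Python filter for proxy or web-server logs that flags request URLs meeting the conditions listed in the reply above (an encoded NUL starting a path segment delimited by "/" or "\", with or without "+-"). The log format, client addresses, example.test hosts and function names are constructed for illustration, and reading "delimited" as a separator directly before %00 plus a separator closing the segment is an assumption.

```python
import re

SEP = r"[/\\]"
# Assumption: "delimited" means a separator directly before %00 and another
# separator closing the segment; anything may sit in between (e.g. "+-").
NUL_SEGMENT = re.compile(SEP + r"%00[^/\\]*" + SEP)


def request_path(url):
    """Return the path part of a URL, treating backslash like slash."""
    rest = url.split("://", 1)[-1]            # drop the scheme if present
    m = re.search(SEP, rest)                  # first separator ends the host
    path = rest[m.start():] if m else ""
    return re.split(r"[?#]", path, maxsplit=1)[0]   # drop query and fragment


def classify(url):
    """Return 'nul-segment', 'nul-embedded' or 'clean' for one request URL."""
    path = request_path(url)
    if NUL_SEGMENT.search(path):
        return "nul-segment"
    if "%00" in path:
        return "nul-embedded"
    return "clean"


# Constructed log lines: "<time> <client> <url>". Hosts under example.test
# are placeholders; the microsoft.com URLs are the ones quoted in the thread.
SAMPLE_LOG = r"""
09:01:12 10.0.0.5 http://www.microsoft.com/%00+-/
09:01:40 10.0.0.5 http://www.microsoft.com/%00/ms.htm
09:02:03 10.0.0.7 http://www.microsoft.com\windows\default.asp
09:02:31 10.0.0.9 http://example.test/a%00b.htm
09:03:10 10.0.0.9 http://example.test\%00\x.htm
09:03:55 10.0.0.4 http://example.test/page.asp?next=/%00/
""".strip().splitlines()


def flag_lines(lines):
    """Return (client, url) for every log line whose URL has a NUL segment."""
    hits = []
    for line in lines:
        _time, client, url = line.split(None, 2)
        if classify(url.strip()) == "nul-segment":
            hits.append((client, url.strip()))
    return hits


if __name__ == "__main__":
    for client, url in flag_lines(SAMPLE_LOG):
        print(client, url)
```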