3 Feb
2004
3 Feb
'04
1:31 p.m.
On Tue, 3 Feb 2004, Jeff Workman wrote:
My guess is that too many people were getting burned by URLs like this:
http://www.microsoft.com@%77%77%77%2E%70%69%6D%70%77%6F%72%6B%73%2E%6F%72%67
-Jeff
Right but the bug wasn't basic auth in a URL it was that the %01 character stopped Outlook and IE from displaying the rest of the URL, so http://www.ebay.com%01@boogeyman.gov/ would show just "www.ebay.com" in both outlook and the URL bar. The problem isn't the auth but the masking ability of the escaped characters. Oh well, one more standard "Embraced and Extended" by the beast.... -S -- Scott Call Router Geek, ATGi, home of $6.95 Prime Rib I make the world a better place, I boycott Wal-Mart VoIP incoming: +1 360-382-1814