[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Microsoft's fix for URL containing username:password@ obfuscation

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Microsoft's fix for URL containing username:password@ obfuscation
From: Thomas Frenzel <syslock@gmx.de>
Date: Wed, 28 Jan 2004 04:26:37 +0100

It fixes url obfuscation somehwat but doesn't this break ftp
functionality in IE when behind a firewall?

According to the article this modification pertains http and https url-schemes, wich appears to be rfc-conformably to me. I would not expect the ftp-scheme and others to be affected.

Thomas

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Microsoft's fix for URL containing username:password@ obfuscation
  - From: "Zach Forsyth" <Zach.Forsyth@kiandra.com>

Prev by Date: RE: [Full-Disclosure] Microsoft's fix for URL containing username:password@ obfuscation
Next by Date: [Full-Disclosure] SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM
Previous by thread: RE: [Full-Disclosure] Microsoft's fix for URL containing username:password@ obfuscation
Next by thread: Re: [Full-Disclosure] Microsoft's fix for URL containing username:password@ obfuscation
Index(es):
- Date
- Thread