Full Disclosure mailing list archives

Re: Microsoft's fix for URL containing username:password@ obfuscation

From: Thomas Frenzel <syslock () gmx de>
Date: Wed, 28 Jan 2004 04:26:37 +0100

It fixes url obfuscation somehwat but doesn't this break ftp
functionality in IE when behind a firewall?

According to the article this modification pertains http and httpsurl-schemes, wich appears to be rfc-conformably to me. I would notexpect the ftp-scheme and others to be affected.


Thomas

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Microsoft's fix for URL containing username:password@ obfuscation Zach Forsyth (Jan 27)
- Re: Microsoft's fix for URL containing username:password@ obfuscation George Capehart (Jan 27)
- Re: Microsoft's fix for URL containing username:password@ obfuscation Thomas Frenzel (Jan 27)
- <Possible follow-ups>
- Microsoft's fix for URL containing username:password@ obfuscation Bobby Brown (Jan 27)
  - Re: Microsoft's fix for URL containing username:password@ obfuscation Daniel . Capo (Jan 28)
- RE: Microsoft's fix for URL containing username:password@ obfuscation Zach Forsyth (Jan 27)
  - Re: Microsoft's fix for URL containing username:password@ obfuscation Cael Abal (Jan 28)
    - Re: Microsoft's fix for URL containing username:password@ obfuscation Nick FitzGerald (Jan 28)
  - RE: Microsoft's fix for URL containing username:password@ obfuscation Kenton Smith (Jan 28)
    - RE: Microsoft's fix for URL containing username:password@ obfuscation Ron DuFresne (Jan 28)