RSS 2.0 Feed
RSS 2.0


Atom 1.0 Feed
Atom 1.0

  Change in IE for URLs including logon details 


Came accross a change coming in the next version of Internet Explorer via ASP.NET Developer Center on MSDN. Any URLs containing a user id and password will be disabled. For example, if I have a secure site and I want to avoid the logon dialog, I could use a URL like the following: http://myusername:mypassword@www.supersecretplace.com/.

I don't belive that using a URL like this is actually in the HTTP spec, but I don't think I've ever used this anyway that I can think of. However, it is a change worth noting. Not a surprise that the change comes from people (spammers, they're not really people are they?) leveraging this to send users elsewhere. Take a look at the article here and the KB article here describing this change in IE.




                   

Comments have been closed on this topic.



 

News


Also see my CRM Developer blog

Connect:              


Sponsor

Sections