[33393] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: MS to stop allowing passwords in URLs

daemon@ATHENA.MIT.EDU (3APA3A)
Wed Feb 4 05:00:15 2004

Date: Tue, 3 Feb 2004 20:26:30 +0300
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Reply-To: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Message-ID: <1243261307.20040203202630@SECURITY.NNOV.RU>
To: "McAllister, Andrew" <McAllisterA@umsystem.edu>
Cc: bugtraq@securityfocus.com
In-Reply-To: <657713855E75BA41B16662DF0F1B6BDF28229D@UM-EMAIL06.um.umsystem.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit

Dear McAllister, Andrew,

--Thursday, January 29, 2004, 1:54:00 AM, you wrote to bugtraq@securityfocus.com:

MA> Anyone have any comments regarding legitimate uses of this syntax and
MA> Microsoft removing it from their browser? (and presumably the OS since
MA> the browser IS the OS).

ftp://user:pass@site

is  _only_  way  to  authenticate  FTP through HTTP proxy (if not given,
proxy always use anonymous).

-- 
~/ZARAZA
Всегда будем рады послушать ваше чириканье (Твен)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[33393] in bugtraq

Re: MS to stop allowing passwords in URLs

daemon@ATHENA.MIT.EDU (3APA3A)Wed Feb 4 05:00:15 2004

daemon@ATHENA.MIT.EDU (3APA3A)
Wed Feb 4 05:00:15 2004