On Thu, 5 Feb 2004 wizard@newsreports.org wrote: > > It is the *silent* bypassing of this dialog > through the *interpretation* of username@password > that is causing it to be a difficulty in the > case at hand. Popping up a dialog box is much > less draconian than ignoring username@password > altogether. > Actually, the MS fix isn't for the silent bypass per se, it is for the fact that MSIE hides the content of the URL after the %01 character. In my mind, that makes it an invalid URL which should be rejected. Your suggestion for popping a dialog seems like a good optional security enhancement. Add a checkbox to not show the dialog again for the same server.... Dave MorrisReceived on Thursday, 5 February 2004 19:01:02 UTC
This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 16:03:13 UTC