On Thu, 5 Feb 2004 wizard@newsreports.org wrote: > > It is the *silent* bypassing of this dialog > through the *interpretation* of username@password > that is causing it to be a difficulty in the > case at hand. Popping up a dialog box is much > less draconian than ignoring username@password > altogether. > Actually, the MS fix isn't for the silent bypass per se, it is for the fact that MSIE hides the content of the URL after the %01 character. In my mind, that makes it an invalid URL which should be rejected. Your suggestion for popping a dialog seems like a good optional security enhancement. Add a checkbox to not show the dialog again for the same server.... Dave MorrisReceived on Thursday, 5 February 2004 19:01:02 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:27 GMT