lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: ypwhich at io.com (rhetorical question)
Subject: Interesting side effect of the new IE patch

Hello,

I *may* be wrong.  But I do believe the  "http://username:password@... " bit 
has been around for some time.  I remember finding that out a long time ago, 
which was convient in regards to browsing FTP sites which require a login/
password.  Was using Netscape Navigator Gold, mid 90s.

I still have some of my old browsers, will install a few and test it out.

Valdis.Kletnieks@...edu wrote:

> Do the research.  Who did it first?  Then ask yourself what *real* choice
> the other browsers had.  Microsoft breaks the standard in the browser, then
> probably put the same cretinwork hack into their web authoring tools.
[snip]

On Thursday 05 February 2004 21:44, Valdis.Kletnieks@...edu wrote:

> On Thu, 05 Feb 2004 23:35:27 +0100, Stefan Esser said:
> > blind of hatred like you obviously are. All standard browsers support
> > the http://username:password@... . THIS makes it a standard, no matter
> > what the bloody RFC writes. The majority of people liked adding
> > username:password to the URL, so it was implemented into all browsers
> > and became a standard. That the RFC was not updated is not the fault
> > of Microsoft. If the community had not accepted this as standard it
> > would not be in other browsers (like mozilla), too.
[snip]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ