[<prev] [next>] [day] [month] [year] [list]
Message-ID: <6.0.1.1.2.20040212105335.03814470@pop3.moondrummer.com>
From: krs at c3group.net (Kevin Sullivan)
Subject: Absurd Microsoft QA? The Return of the
"username@...sword"...
>* Here's the final straw
On February 10, 2004
Microsoft released
> a patch that
restores the "username@...sword:" functionality in URL
>references!
> * It seems they are trying to hide this fact as this is not
>widely publicized and it is NOT being labeled as an IE patch nor a even
>a security patch!
Probably because it is NOT a security patch, nor does it restore the
embedded-credentials functionality. It addresses the specific problem
(created by the 04 patch )of not being able to pass user credentials in
an XML Open() call.
From the M$ article:
"This fix will only enable the scenario where user credentials are passed as
parameters in the Open() method call. It will not enable scenarios where
the user credentials are embedded in the URL."
Ks
Powered by blists - more mailing lists