Bugtraq mailing list archives

RE: MS to stop allowing passwords in URLs

From: Francis Favorini <francis.favorini () duke edu>
Date: Tue, 3 Feb 2004 13:24:09 -0500

Vinny Abello [mailto:vinny () tellurian com] wrote...

Interestingly, I've already found that this patch doesn't fix
this problem when using IE as an object in VB6.

From the KB article:

http://support.microsoft.com/default.aspx?scid=kb;en-us;834489
"After you install the 832894 security update, you can set registry values
to use this new behavior in other programs that host the Web browser control
or to disable this new behavior for Windows Explorer and Internet Explorer."

The specifics of the registry values are also documented therein.

-FF

Current thread:

Re: MS to stop allowing passwords in URLs, (continued)
- - Re: MS to stop allowing passwords in URLs Nick FitzGerald (Feb 06)
  - Message not available
    - Re: MS to stop allowing passwords in URLs Vinny Abello (Feb 03)
- Re: MS to stop allowing passwords in URLs Ansgar -59cobalt- Wiechers (Feb 03)
- RE: MS to stop allowing passwords in URLs Andrew Harwood (Feb 03)
- Re: MS to stop allowing passwords in URLs 3APA3A (Feb 03)
- Re: MS to stop allowing passwords in URLs Dave McCormick (Feb 03)
- Re: MS to stop allowing passwords in URLs Nick FitzGerald (Feb 03)
- Re: MS to stop allowing passwords in URLs Sam Schinke (Feb 03)
- Message not available
  - Re: MS to stop allowing passwords in URLs Paul Smith (Feb 03)
- RE: MS to stop allowing passwords in URLs Richard M. Smith (Feb 03)
- RE: MS to stop allowing passwords in URLs Francis Favorini (Feb 03)
- RE: MS to stop allowing passwords in URLs Thor Larholm (Feb 03)
  - Re: MS to stop allowing passwords in URLs Sam Schinke (Feb 05)
- RE: MS to stop allowing passwords in URLs NESTING, DAVID M (SBCSI) (Feb 05)