Full Disclosure mailing list archives
Re: another product affected by recent MS IE '@' patch
From: martin f krafft <madduck () madduck net>
Date: Sun, 8 Feb 2004 22:52:36 +0100
also sprach Nick FitzGerald <nick () virus-l demon co uk> [2004.02.08.2108 +0100]:
Actually, it is _far_ from a _typical_ MS fix.
thanks for your reply, it made me check out rfc 1630 and, tataa, user:pass@server/url is non-standard. thus, this is in fact the most surprising fix from M$ in a long time.
Second, it is very unlike MS to "fix" something when they know it will break some systems based on the "broken" behaviour.
unless of course it could harm competitors. then they will gladly do so.
... and absolutely ridiculous), ...Ahhhh -- so you're another genius who believes it is "ridiculous" to implement standards-conforming behavior? Or are you another genius who believes it is ridiculous for MS to implement improved security behaviour in its historically insecure web browser? Or perhaps you believe _both_ changes are ridiculous?
i retract my statement. i wrote that message on the train without access to the RFC. i should have known better. -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver! "marriage is the only adventure open to the cowardly." -- voltaire
Attachment:
signature.asc
Description: Digital signature
Current thread:
- another product affected by recent MS IE '@' patch martin f krafft (Feb 08)
- Re: another product affected by recent MS IE '@' patch Nick FitzGerald (Feb 08)
- Re: another product affected by recent MS IE '@' patch mescsa (Feb 08)
- Re: another product affected by recent MS IE '@' patch Nick FitzGerald (Feb 08)
- Re: another product affected by recent MS IE '@' patch Guido van Rooij (Feb 09)
- Re: another product affected by recent MS IE '@' patch Guido van Rooij (Feb 09)
- Re: another product affected by recent MS IE '@' patch mescsa (Feb 09)
- Exclusive: Windows 2000 & Windows NT 4 Source Code Leaks jB (Feb 12)
- Re: another product affected by recent MS IE '@' patch mescsa (Feb 08)
- Re: another product affected by recent MS IE '@' patch Nick FitzGerald (Feb 08)
- <Possible follow-ups>
- RE: another product affected by recent MS IE '@' patch David Farinic (Feb 09)
- RE: another product affected by recent MS IE '@' patch Darren Bennett (Feb 09)
- RE: another product affected by recent MS IE '@' patch Brad Griffin (Feb 09)