RE: MS to stop allowing passwords in URLs

From: Francis Favorini (francis.favorini_at_duke.edu)
Date: 02/03/04

  • Next message: Himeur Nourredine: "Les Commentaires (PHP) Include file"
    To: bugtraq@securityfocus.com
    Date: Tue, 3 Feb 2004 13:24:09 -0500 
    
    

    Vinny Abello [mailto:vinny@tellurian.com] wrote...
    > Interestingly, I've already found that this patch doesn't fix
    > this problem when using IE as an object in VB6.

    From the KB article:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;834489
    "After you install the 832894 security update, you can set registry values
    to use this new behavior in other programs that host the Web browser control
    or to disable this new behavior for Windows Explorer and Internet Explorer."

    The specifics of the registry values are also documented therein.

    -FF


  • Next message: Himeur Nourredine: "Les Commentaires (PHP) Include file"