On 27 January 2004, Microsoft published a Knowledge Base article, 834489, that details changes which will be made in a forthcoming security update in the behavior of how Internet Explorer handles user information in HTTP and HTTPS URLs. Specifically, once this forthcoming security update is applied, by default, URLs that contain user information will no longer be supported and users will receive the error message "Invalid syntax error". HTTP and HTTPS URLs that contain user information take the format of: http(s)://username:[EMAIL PROTECTED]/resource.ext.
Web site operators who currently rely on HTTP or HTTPS URLs with user information should take steps to implement other forms of authentication, as detailed in the Knowledge Base article to minimize the likely impact that this design change will have on their customers. While it is not recommended, it is possible for customers to re-enable support for user information in HTTP and HTTPS URLs via a registry change on the client system. This information is detailed in the knowledge base article. This change is not to remediate any specific or particular product vulnerability. Instead, it is a design change that is being made to enhance overall security in Internet Explorer. More details are available in Knowledge Base article, 834489. http://support.microsoft.com/?kbid=834489 --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
