Comment #3 on issue 31625 by [email protected]: Mitigate failure to
sanitize user input in links on server side by warning the user when s/he
clicks on a link containing 'username:password@'
http://code.google.com/p/chromium/issues/detail?id=31625
Why should we be warning users? It is annoying / crippling as hell in
Firefox, IMO.
Unlike Firefox, we already have excellent:
- Highlighting in the address bar, so there is no ambiguity as to what part
of the
URL is the destination server,
- Auto-hiding of the credentials part, to further rule out any confusion.
/mz
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
