G. Adam Stanislav wrote: > Hmmm... This is the second time I see this type of "URL" in a gimmick > mentioned on this list. The trick is in the use of the '@' character. > > While the whole thing APPEARS like http://news.bbc.co.uk, it actually > is for http://gazeta.rin.ru/cgi-bin/print.pl (etc). > > If you enter that fake URL into the Opera browser it issues a warning. > If you enter it to IE, it, of course, just takes you right to whatever > is AFTER the '@' sign. Yet another security hole in IE5. :(
This is NOT a security hole. It's a feature which is intended to be used for logging into HTTP password-protected pages, e.g., https://username:[EMAIL PROTECTED]/ and is actually most useful for producing a URL that will automatically log you OUT of such sites (by having the wrong username or password). Unfortunately, Opera's "warning" doesn't mention the password at all,if present, and people using Opera may understandably be confused about why they should see a URL like this in cases where it is legitimate (such as for logging into secure sites). -- Randall Randall <[EMAIL PROTECTED]> Crypto key: www.freedomspace.net/~wolfkin/crypto.text Politicians are the same all over. They promise to build bridges even when there are no rivers. -Nikita Khruschev --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
