>* Here's the final straw� On February 10, 2004� Microsoft released > a patch that� restores the "[EMAIL PROTECTED]:" functionality in URL >references! > * It seems they are trying to hide this fact as this is not >widely publicized and it is NOT being labeled as an IE patch nor a even >a security patch!
Probably because it is NOT a security patch, nor does it restore the embedded-credentials functionality. It addresses the specific problem (created by the 04 patch )of not being able to pass user credentials in an XML Open() call.
From the M$ article: "This fix will only enable the scenario where user credentials are passed as parameters in the Open() method call. It will not enable scenarios where the user credentials are embedded in the URL."
Ks
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
