|02-09-2004, 07:29 AM||#1|
Join Date: Oct 2002
Device: Too many to count here.
IE security patch disables passwords in URLs
Microsoft released a patch last week that disables support for handling user names and passwords in HTTP and HTTPS. Read further if you are interested in enabling this feature again.
The problem occurs when programmers design a Web site to enable a Web user to log in by typing credentials into the URL. In such cases, the Web address might look like this:
The link gives the person access to a company's Web site when the authentication program verifies the username and password.
Because the username and password are part of the Web address and are not encrypted, embedding the credential in the URL is considered a security risk.
What Microsoft did is simply to disable the support for username:password@ urls. Cool, heh? All of a sudden, you come in one day, and things aren't working anymore, because Microsoft has determined that a way they are doing things is not secure.
So if you still want to be able to use this feature, download and execute the attached registry-file (remove the .txt extension first).
REGEDIT4 ; Enable handling user information in HTTP and in HTTPS URLs ; More info here: http://support.microsoft.com/default...b;en-us;834489 ; Feb 8, 2004. Turcic.com [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "iexplore.exe"=dword:00000000 "explorer.exe"=dword:00000000
|Thread Tools||Search this Thread|
|Thread||Thread Starter||Forum||Replies||Last Post|
|epub and longs urls||irc||ePub||10||08-27-2010 12:04 PM|
|Confused by behavior of two pdfs w/permissions passwords, but no open passwords/DRM||grr||0||12-21-2009 03:21 PM|
|Firmware Update Kindle 2.0.3 officially disables TTS||demoric||Amazon Kindle||14||08-07-2009 07:37 PM|
|ebook URLs on delicious.com||Teresita3||Deals, Freebies, and Resources (No Self-Promotion)||0||01-29-2007 01:46 AM|
|iRex iLiad patch V2.7.1 closes security holes||Alexander Turcic||iRex||11||10-26-2006 12:41 PM|