PDA

View Full Version : Microsoft to remove support for @ usernames in http urls


MacBytes
Jan 28, 2004, 06:41 PM
Category: News and Press Releases
Link: Microsoft to remove support for @ usernames in http urls (http://www.macbytes.com/link.php?sid=20040128194142)

Posted on MacBytes.com (http://www.macbytes.com)

Approved by arn

Nermal
Jan 28, 2004, 07:10 PM
Yet another case of Microsoft breaking the Internet standards. Site developers who use @ legitimately will need to "fix" their sites if they want to keep the ~90% of bug-ridden Explorer customers.

cabes
Jan 28, 2004, 07:58 PM
All I'm going to say is, "NOT GOOD". Unfortunately, my company relies on that for a web application that makes a few hundred million a year... again, I'm not regretting my switch at home to Mac (even though I'm a .NET Programmer, go figure).

Nermal
Jan 28, 2004, 08:09 PM
I'm a .NET programmer too! Remote Desktop has been a lifesaver - no dog-slow Virtual PC required :)

MrMacMan
Jan 28, 2004, 08:16 PM
Wow...


Thats pretty bad.

What gives Microsoft?

People use '@' all the time... more inconvenience for ya.

jettredmont
Jan 28, 2004, 08:18 PM
Wow. What a convenient new feature!

Why not display a dialog like:

"WARNING: The URL you entered is going to take you to the following web site:

www.hackerz-r-us.de

Are you sure you want to go to this web site?"

Or, even better, *ONLY* show this when the "username" part of the address looks like a server name (contains the '.' character, for instance) ...

But, no. Instead, let's break the HTTP standard URL conventions because we can't figure out how security works ...

mkaake
Jan 28, 2004, 09:05 PM
Originally posted by jettredmont
Wow. What a convenient new feature!

Why not display a dialog like:

"WARNING: The URL you entered is going to take you to the following web site:

www.hackerz-r-us.de

Are you sure you want to go to this web site?"

Or, even better, *ONLY* show this when the "username" part of the address looks like a server name (contains the '.' character, for instance) ...

But, no. Instead, let's break the HTTP standard URL conventions because we can't figure out how security works ...

sec-ur-a-what?

matt

ITR 81
Jan 28, 2004, 09:39 PM
This how MS makes things more secure...

They break it so it's no longer usable..or just create a new std because it doesn't suit them.

nagromme
Jan 28, 2004, 11:03 PM
A warning sounds reasonable--clearly showing the two halves of the address and explaining the implications, and inviting the user to NOT proceed if they aren't sure. IE already has lots of situations that it can warn about or not, and different security levels relating to that.

Removing support entirely is silly and needless. Just make warnings the default.

mainstreetmark
Jan 28, 2004, 11:33 PM
Yeah! A warning!

I get warning all day long from a fresh windows machine. "Careful, you're entering a secure connection", "Careful, this site might use a cookie", "Careful, your wife will catch you looking". I mean come on - there's even little warnings about throwing stuff in the recycle bin.

But, this is something I actually USE. My websites have enough garbage IE stuff in them to get them to work right.

Nermal
Jan 29, 2004, 01:36 AM
I never understood why they warn you that you're using a secure connection. When you're leaving I understand, but what's the point of "Warning! The stuff you transfer can't be read by hackers!"?