Re: New thoughts on CSS

From: Blue Boar (BlueBoarat_private)
Date: Fri Feb 01 2002 - 19:05:13 PST

Next message: Blake Frantz: "Re: CSS, CSS & let me give you some more CSS"

Previous message: Marc Slemko: "RE: CSS, CSS & let me give you some more CSS"
In reply to: Matt Dickinson: "RE: New thoughts on CSS"
Next in thread: Jonas M Luster: "Re: New thoughts on CSS"
Next in thread: Robert Collins: "RE: New thoughts on CSS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Matt Dickinson wrote:
> 
> I saw this recently in a newsgroup, I can't believe it's real, and found
> no mention when browsing the news sections on either of the company
> websites. Isn't this a good example?
> 
> >=- Manolo -=| wrote:
> >
> http://www.microsoft.com&item%3Dq209354at_private/1338825GHU_98.as
> p

That's a different class of problem.  As some have already advised, 
you need to RTFM:
q209354at_private/nyheter/feb01/Q209354%20-%20HOWTO.htm">http://www.microsoft.com&item=q209354at_private/nyheter/feb01/Q209354%20-%20HOWTO.htm
:)

The @ is a delimiter between the authentication info, and the rest of the 
URL.  An easier to understand example is
passwordat_private">http://username:passwordat_private

This kind of confusion is probably just as effective as a good CSS attack, 
perhaps even more so.  Ever wonder how they got www.@stake.com, when @ 
isn't a legal DNS character?

						BB

Next message: Blake Frantz: "Re: CSS, CSS & let me give you some more CSS"
Previous message: Marc Slemko: "RE: CSS, CSS & let me give you some more CSS"
In reply to: Matt Dickinson: "RE: New thoughts on CSS"
Next in thread: Jonas M Luster: "Re: New thoughts on CSS"
Next in thread: Robert Collins: "RE: New thoughts on CSS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Feb 01 2002 - 19:10:50 PST