Weird IE Problem

[Roofus]

Whenever I click on a link to a site that requires you to log in and the url is the format http://username:password@www.site.com I get an "Invalid Syntax Error" I have to go to the site and enter the name and password manually. WTF?

<edit>Even the above link results in the error </edit>

[XXXNINTENDOGURLXXX]

It was in one of the new Windows Hotfixes that concerns IE, it disables clicking on links with p/w's in them for security reasons.

To quote a porn site : "Feb 7th Update - BACK TO AUTOMATIC LOGIN

UPDATE! Microsoft's Internet Explorer has updated and no longer supports including the
username:password in any internet links. BUT WE HAVE DEVELOPED A SOLUTION!
Just download this patch (IEUserPassEnable.reg) and open it to re-enable automatic login!
If you do not do this, you'll just get syntax errors when clicking on links. Read more."

[XXXNINTENDOGURLXXX]

BTW roofus, check your PM's, i just sent you a link to that patch

[Falcon4]

That's why I only install the "hotf*ckses" when absolutely necessary - like the Blaster patch.

Here's what I install when I format a new computer (after changing almost ALL of Windows' default settings, like Sys Restore, the view setup, disabling auto-update, changing to Silver look, etc.):
- WinRAR
- IE 6 SP1 (if Windows XP isn't SP1 prepatched)
- DirectX 9.0b
- Blaster patch (Google for "Blaster", open the Symantec Blaster alert page, find that link to the MS security bulletin, and download the patch as a standalone)
- Google Toolbar
- Acrobat 5 reader (http://www.oldversion.com - 6 is bloatware)
- Winamp 2.91 if on an older computer, Winamp 5 if a new computer

I haven't had any problems with not updating yet. Just never install SP1 unless your windows install was pre-patched for SP1. A post-install SP1 upgrade is horribly laggy and you'll never see good speed again. XP runs just great on my 380MHz K6-2 w/160MB RAM... in fact, that's what I'm on now. And having none of those pointless paranoia-patches installed leaves a lot of free RAM (yes, patches end up taking extra RAM too!) for me to run Photoshop 7 flawlessly on here, while browsing the Net and running Winamp.

[az_bont]

It's a known problem - there's a fix here: http://www.ps2ownz.com/forums/showthrea ... adid=14135

If you don't want to register to that forum, then you can do it manually: http://support.microsoft.com/default.aspx?kbid=834489

[Roofus]

BTW roofus, check your PM's, i just sent you a link to that patch

That did it. Thanks!

[BlackAura]

You realise that applying that patch basically reverses the MS patch, and leaves a rather nasty security hole open?

For a while (months) it's been possible to put a link on a page, which makes use of both the @ symbol as used in the username/password login feature, and the way IE handles special characters (like %3F) in the address bar and status bar. Basically, it's possible to have one URL appear in the address bar, and the status bar when you're got the mouse over the link, but have the browser go to a completely separate site. This works by using the special character %00, which means "end of string" in C programs, When IE converts that special character into a readable character, it simply stops it from drawing anything after that character, so you only see the first part of the URL.

To be totally fair to Microsoft, this did affect other some browsers as well, although not as much. In Mozilla, the link text in the status bar would show the fake address, but the address bar at the top would show the full address. However, all the other browsers fixed this by changing the way they handle special characters in URLs, so only actual printable characters would be converted - the rest would remain as escape sequences.

Microsoft simply made all HTTP URLs that have an @ in them come up with "Invalid syntax error". Probably the most lazy, worthless way to deal with it. Granted, it does work, but (as you can see) it might be a pain in the backside.