Reader Comments (rss)

(Flattened / Threaded)

1.  

   You are suprized this still works?

   

   Lyndon Liberty, Mar 8th, 2003 @ 11:17am

   
   

   You must not watch much TV or talk to those who do... lol the show "Street Smarts" is a good example... I recorded all the questions asked for one week, then bet my friend that I could go out locally and find just as many idiots, he declined the bet because he was afraid he would be proven wrong in his comfortable dillusion. I went out anyway, they must cut 60% of the idiots to get one show....

   [ reply to this | link to this | view in thread ]

2.  

   blaming the victims doesnt cut it dudes

   

   Michael Ax, Mar 8th, 2003 @ 6:06pm

   
   

   if people didnt like the mileage they got out of these stories we would have browsers that made compliance with the URL authentication part of the HTTP RFC optional.
   
   as is we have you grandstanding and everyone else 'recording the facts' while everyday thousands of browsers are installed with slavish conformity to this most expensive and dangerous loophole of them all.
   
   i have written to scores of sites and people - this one included - about this loophole and nobody seems to 'GET' that these things would not happen if the browser status bars would properly resolve target urls rather than merely echoing the first part of the string.
   
   this part of 'the web' is broken badly from a usability pov and people writing browers like IS/NS/opera need to be told to protect the noob's by making URL AUTHENTICATION something that defaults to off.

   [ reply to this | link to this | view in thread ]

Add Your Comment