http://username:[email protected]

[Matthew]

I use this syntax a lot to pass the username and password to a restricted
area of my web site.

http://username:[email protected]

The latest update to IE has made this invalid.

Is there a workaround in place?

Matthew

 

[VJ]

I am having similar problem too...

As per RFC:2617 ftp://ftp.isi.edu/in-notes/rfc2617.txt, if
we pass 'Authorization' header with 'basic
usernameassword' (base64 encoded string) value, It
should not prompt login dialog box. Hope this helps

Dont know at this moment how to pass this header through
IE client script. Let me know if you find something how to
do it.

Thanks

 

[Don Varnau]

See this MSKB Article: http://support.microsoft.com/?kbid=834489

Don

 

[Don Varnau]

See this MSKB Article: http://support.microsoft.com/?kbid=834489

Don

 

[James McGovern]

Many sites have been reporting problems with this particular service pack
other than having passwords break. Would love to learn about other security
related changes in this release and other suggested workarounds.

 

[Guest]

Thanks Don! I've been trying to find this solution for over a week.

 

[VJ]

Don, This article doesnt help much. I am using IE as a
client so can not instantiate any of these workaround
object from client script to set those internet options.

I want some code which will run from IE client side script.

Thanks

-----Original Message-----
See this MSKB Article: http://support.microsoft.com/? kbid=834489

Don
--
MVP IE/OE
Please reply to the newsgroup so that others may participate.

"VJ" <anonymous[at]discussions.microsoft.com> wrote in message

I am having similar problem too...

As per RFC:2617 ftp://ftp.isi.edu/in-notes/rfc2617.txt, if
we pass 'Authorization' header with 'basic
usernameassword' (base64 encoded string) value, It
should not prompt login dialog box. Hope this helps

Dont know at this moment how to pass this header through
IE client script. Let me know if you find something how to
do it.
password
to a restricted

.

 

[Michael Dryja]

This is kind of a big-time bummer, isn't it!

There is only one workaround I know, which is from one of the
bulletins posted by others:

How to disable the new default behavior for handling user information
in HTTP or HTTPS URLs

To disable the new default behavior in Windows Explorer and Internet
Explorer, create iexplore.exe and explorer.exe DWORD values in one of
the following registry keys and set their value data to 0.

For all users of the program, set the value in the following registry
key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet

Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

For the current user of the program only, set the value in the
following registry key:

HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE


This will return the way IE works to its previous state . . . .