Re: URL coding : ftp passwords in clear!

From: James R Grinter <>
Date: Wed, 9 Jul 1997 15:27:39 +0100

On Wed 9 Jul, 1997, Francis Mouthaud <> wrote:
>I just think that the passwords should never be PRINTED on screen in
>clear. So teams of netscape and squid should find a solution (together?)
>to avoid such problems. Think about the newbies...

This 'problem' is nothing new. It would happen with all browsers that
show the requested URL anywhere on screen, and with all proxies that
log the request they get. I doubt any newbies even have a password
they could use for ftp.

Whoever wrote that security issue article didn't really investigate
matters very far; and what amazes me more is that suddenly everyone
thinks it's a huge problem. I treat all logs as something to be kept
secure - I doubt users would be happy if they knew anyone else could
see what they'd been browsing.

-- jrg.
Received on Wed Jul 09 1997 - 07:30:09 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:42 MST