very OT: You may laugh at Hotmail (fwd)

-- 
"You're talking about an operating system that leaves all the security holes 
wide open
and makes the customer close them."
                                                 --William Knowles, about 
Windows 2000

There seem to be real CGI-gods at Hotmail:

* Pointed Konqueror at www.hotmail.com. Result: it redirects to 
/cgi-bin/login on some .hotmail.passport host. That one sends a nice 500 
Internal Server error. Always.
* Okay, dug into it, tried a plain GET on that page with netcat, gott he 
normal login page. Fine.
* Suspected M$ to block Konqueror...
* Added a "User-agent: Konqueror" header to the request: 500 Internal Server 
error!
* Tried some others.

To summarize: In fact their login script dies when it fails to interpret the 
User-agent header!!! They accept Mozilla (of course, IE sends it, too; but 
only w/ version number), they even accept Lynx, but stuff like "foobar/1.0" 
makes it stumble :)
The server identifies itself as Apache 1.3.6 (UNIX) (!), did they let an MSCE 
search for the "Start" button on a UN*X server???

Well, I tried it b/c I do have an account there *blush*. Unfortunately the 
settings in kcontrol/Browsing/Web/User Agent are ignored by Konqueror.

-- 
-Malte Starostik
PGP fingerprint [C3CC 67C2 FB3E 4E68 0FF1 AE09 DD37 322E 5E38 7C8F]
finger starosti-49YN0nJK6gSXv/h066bEuRQ0avMEgXv9@xxxxxxxxxxxxxxxx for my public 
key.