GitHub

URL Encoding on Authorisation Header resulting in invalid_client

I've tracked this down to ClientID and Secret being individually URL Encoded, before being Base64 encoded for the Authorisation header. There is no requirement for these properties or any aspect of ...
GitHub

httpyac is URL encoding JSON requests - sometimes

I have an intermittent problem, usually happening after a first successful one where the JSON body of a POST request gets URL encoded. My request has an email address like: Both when I hover over the ...
Threat Post

Phish Uses Google’s URL Decoding to Swim Past Defenses

Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters. A phishing campaign that takes advantage of Google’s ability to decode non-ASCII URL data on the ...
TechRadar

Phishing emails are getting smarter - and using some new tricks to snare victims

Barracuda says Tycoon now offers new ways to hide malicious links in emails URL encoding, fake CAPTCHAs, domain splits, and other techniques were spotted in the wild The researchers urge businesses ...
Infosecurity-magazine.com

Tycoon Phishing Kit Utilizes New Capabilities to Hide Malicious Links

New techniques have been developed within the Tycoon phishing kit to hide malicious links in email attacks, researchers from Barracuda have warned. The use of URL encoding, among other new techniques, ...
Ars Technica

Encoding characters in urls

I am trying to figure out how IE determines what characters to encode in a URL. <BR>Ex. If I do a search on Google for 2:00 it becomes &q=2%3A00<BR><BR>How does Internet Explorer figure out to use %3A ...