Okay, when someone sends an Instant Message to another user, it transmits the senders information in a 'naked' call - it passes the User ID and User Password in the URL.
Ive looked and searched - what 'page' or include file or whatever contains the text and URLs for the 'Actions' located on the view profile page? Basically, I want to change the link so that it opens the Instant Messenger screen without the location/URL (location=no). It appears that the toolbar and menu have been set to no - is there a reason the location wasnt set to no? Note: this occurs on IE7.0 -- I havent yet tested it on other browsers but assume its behaving the same.
I dont want my users gathering other peoples login information... even if the password is encrypted - it can be decrypted using various websites/applications.
