[sf-lug] what's the mechanism that a website can use to prevent stored information from filling out a form?
Mike Higashi
mhigashi at gmail.com
Sun Jun 22 16:55:27 PDT 2014
The official term is 'autocomplete'. A basic description is here:
http://www.w3schools.com/tags/att_input_autocomplete.asp
A more complete description is here:
https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion
Considering you mentioned your bank not using this feature, this paragraph
from the Mozilla page is particularly ironic:
This form attribute was first introduced in Microsoft's
Internet Explorer 5. Netscape introduced it in version
6.2 -- in prior versions, this attribute is ignored. The
autocomplete attribute was added at the insistance of
banks and card issuers, but prior to HTML5 was never
part of an official standard.
Mike
On Saturday, June 21, 2014, Michael Shiloh <michaelshiloh1010 at gmail.com>
wrote:
> it's handy for instance when a website remembers my address or phone
number, but it's a security risk when it remembers my account number and
password.
>
> what's the name of the mechanism that a website designer can use to make
certain fields not allow stored values?
>
> i don't need to implement this, i need to write a letter to my bank
complaining that they allow this, and i want to use the right terms.
>
> thanks
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
> Information about SF-LUG is at http://www.sf-lug.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/sf-lug/attachments/20140622/d3050370/attachment.html>
More information about the sf-lug
mailing list