Re: Automatic Entry and Forms

Mary Holstege (holstege@kset.com)
Fri, 23 Feb 1996 08:21:21 -0800


Date: Fri, 23 Feb 1996 08:21:21 -0800
Message-Id: <199602231621.IAA14129@athena>
From: Mary Holstege <holstege@kset.com>
To: www-html@w3.org
In-Reply-To: <199602231447.IAA15802@predator.urbana.mcd.mot.com>
Subject: Re: Automatic Entry and Forms



I think the issue here is that, while you may be envisioning a nice polite
form automatically filling in fields such as
    <input type="text" name="email">
    <input type="text" name="first-name">
    <input type="text" name="last-name">

those of us on the more paranoid side are instead imagining forms such as this
    <form action="/cgi-bin/laughing-all-the-way-to-bank">
        <input type="hidden" name="social-security-number">
        <input type="hidden" name="date-of-birth">
        <input type="hidden" name="visa-number">
        <input type="hidden" name="visa-expiration">
        <input type="text" name="email">
        <input type="text" name="first-name">
        <input type="text" name="last-name">
        ...
        <input type="submit" value="Respond To My Cool Site!">
    </form>

Automatically filling in hidden fields is a pretty lousy idea.  Automatically
filling in non-hidden fields is a less lousy idea, but there is a big (big)
unanswered question for me:  What's the use model here?  

Does the browser cache all filled in fields and automatically reuse them when
presented with a field defined according to the same template?  Caches on disk?
(Caching only in memory won't do unless you have your browser up for weeks at a
time.)  With what protections against others finding and misusing it?  Is this
really implementationally viable?  Identifying 'sameness' sounds like a
nightmare, but I'd have to see the spec on these templates.  I could see you
chewing up a lot of disk space and memory over these field caches.

Or there is some "personal information" preferences page in which you fill in
a few standardized fields?  This is naive. I have written a lot of programs of
one sort and another that want name (and maybe title), address (two address
lines? three? four? country? postcode or zipcode? city-state-zip as a line
or separate fields...), and telephone (country code? separate area code? how
many digits? and maybe fax and maybe pager and maybe email...) and not one uses
the same set of fields.  Throw in an international environment and all bets are
off.  When I've designed fill-in forms for our customers, they almost always
want specialized drop down menus for some of these fields -- how does that fit
into this model if the predefined value doesn't match the menu values?

I'm just not convinced that retyping in some information once every couple of
weeks or so is worth all this.

                -- Mary
                   Holstege@kset.com


Mary Holstege, PhD  
Manager, Online Engineering
KnowledgeSet Corporation
555 Ellis Street                    Tel: (415) 254-5452
Mountain View, CA 94043             FAX: (415) 254-5451