- From: Joris Huizer <joris_huizer@yahoo.com>
- Date: Mon, 28 Apr 2003 08:03:38 -0700 (PDT)
- To: "Meyer, Stephen" <smeyer01@harris.com>, "'www-html@w3.org'" <www-html@w3.org>
This is a savety problem. you could do <input type="file" value="C:\secrets.txt" style="display:none"> assuming a file in dos or windows on C:\secrets.txt - and a lack of true savety precautions on this file, I could upload you're secrets. Now I think this idea is ridiculous: this theory assumes a webdesigner would know EXACTLY where a file is - I think it's save to say such a file must be a system file. Even if you would know where passwords are stored, you can't get through encryption (unless we all are at great risc on the internet anyway) --- "Meyer, Stephen" <smeyer01@harris.com> wrote: > Hello, > I am having an issue with HTML file selection. On > my page if a value that the > user selected is displayed in the file selection > text field and then a submit > button is selected the value disappears if the > submit had an error. The html > page has text values and a file selection value that > are validated upon submit. > If the validation fails the page returns with an > error message. All the text > values remain but the value in the file selection > text field is gone. I can see > it in the 'VALUE=' field if I view the source code > but it does not display on > the page. Has anyone ran across this issue before? > It happens with IE 5.5 and > Netscape 4.77. Any help is appreciated. > > Steve Meyer > __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com
Received on Monday, 28 April 2003 11:03:39 UTC