Robert Chapin wrote: > But it's not just "an input" if the phisher can modify its behavior through > CSS. This is especially dangerous when 'type=password' has been > blacklisted. It may not be a good policy, but it works, and CSS3 will break > it. There'd be an argument to disallow inputs, selects, textareas and forms altogether then, if they (I think you mentioned MySpace in your email sent to me direct) are concerned about phishing attacks from those accounts...but maybe that's my far too draconian response to it. P -- Patrick H. Lauke __________________________________________________________ re·dux (adj.): brought back; returned. used postpositively [latin : re-, re- + dux, leader; see duke.] www.splintered.co.uk | www.photographia.co.uk http://redux.deviantart.com __________________________________________________________ Web Standards Project (WaSP) Accessibility Task Force http://webstandards.org/ __________________________________________________________Received on Monday, 4 December 2006 18:12:06 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 23 April 2007 18:22:34 GMT