- From: Joe English <jenglish@crl.com>
- Date: Mon, 26 Feb 1996 09:11:29 -0800
- To: www-html@w3.org
Here's a scenario to consider: Company A, a trustworthy and respectable publisher, presents a subscription form prompting for personal demographic information. Since A is trustworthy and promises not to use this information for evil, you fill it out and send it. For convenience, Company A's form points to a template on their site, so your browser records the values (unbeknownst to you until the next time you visit their site). Company B, a disreputable direct-marketing firm that you would not trust with your e-mail address, puts up a form on their own site that hijacks Company A's template. The fields containing the sensitive information are way down at the bottom of the page in a cleverly-formatted table so you don't even notice that your browser has automatically filled them in. You press the Submit button and a week later you're getting junk mail from all over the planet. --Joe English jenglish@crl.com
Received on Monday, 26 February 1996 12:14:34 UTC