- From: William C. Cheng <william@cs.columbia.edu>
- Date: Mon, 26 Feb 1996 12:51:51 -0500
- To: www-html@w3.org
> Here's a scenario to consider:
>
> Company A, a trustworthy and respectable publisher,
> presents a subscription form prompting for personal
> demographic information. Since A is trustworthy and
> promises not to use this information for evil, you
> fill it out and send it. For convenience, Company A's
> form points to a template on their site, so your browser
> records the values (unbeknownst to you until the next
> time you visit their site).
>
> Company B, a disreputable direct-marketing firm that you
> would not trust with your e-mail address, puts up a form on
> their own site that hijacks Company A's template. The
> fields containing the sensitive information are way down at
> the bottom of the page in a cleverly-formatted table so
> you don't even notice that your browser has automatically
> filled them in. You press the Submit button and a week
> later you're getting junk mail from all over the planet.

Once a browser starts doing such a thing, no matter whether there is a standard for the format or not, it's open to such an attack. If browser vendors start listening to their users who are tired of typing, sooner or later some will implement such "features". Hopefully, responsible browser vendors (and those who want to stay competitive) will display hidden information and prompt the user before submitting a form.

Having a standard doesn't make the Web less safe. Not having a standard doesn't make the Web more safe. We should put effort into making browser vendors aware of such risks. Do something like adding a test for hidden fields to BrowserCap [1] and end this thread.

--
Bill Cheng // Guest at Columbia University Computer Science Department
william@CS.COLUMBIA.EDU
...!{uunet|ucbvax}!cs.columbia.edu!william
WWW Home Page: <URL:http://www.cs.columbia.edu/~william>

[1] <URL:http://www.objarts.com/bc> BrowserCaps
Received on Monday, 26 February 1996 12:52:02 UTC
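The mitigation Cheng asks browser vendors for (show the user any automatically filled fields they cannot see, and ask before submitting) written out as a pre-submit check. This is an added example, not code from the original message or from any browser vendor. It models a form as plain data rather than a DOM so it runs anywhere; the field shape, the two origins, the sample values and the function names are all assumptions made for the example.

```javascript
// Added example: a defender-side review of a form just before submission.
// The form is modelled as plain data (constructed for this example); a real
// browser would build the same record from its own autofill bookkeeping.

// Constructed sample: a form hosted on one site that reuses a template stored
// from another site, with two fields the browser filled in where the user
// could not see them (one off-screen in a tiny table cell, one type=hidden).
const SAMPLE_FORM = {
  pageOrigin: "http://marketing.example",      // constructed: site serving the form
  templateOrigin: "http://publisher.example",  // constructed: site the template was saved from
  fields: [
    { name: "comment", value: "great site",       type: "text",   visible: true,  autofilled: false },
    { name: "email",   value: "alice@example.net", type: "text",   visible: true,  autofilled: true  },
    { name: "income",  value: "55000",            type: "text",   visible: false, autofilled: true  },
    { name: "phone",   value: "555-0100",         type: "hidden", visible: false, autofilled: true  },
    { name: "csrf",    value: "abc",              type: "hidden", visible: false, autofilled: false },
  ],
};

// A field counts as visible only if it is a displayed control that is
// actually rendered where the user can see it.
function isVisible(field) {
  return field.type !== "hidden" && field.visible === true;
}

// Fields the browser filled in on its own that the user never saw: these are
// the values that would leave the machine without the user knowing.
function findSilentAutofill(form) {
  return form.fields.filter((f) => f.autofilled && !isVisible(f));
}

// The template being reused from a different site is what lets a second site
// borrow values the user entered for the first one.
function isCrossSiteTemplate(form) {
  return form.templateOrigin !== form.pageOrigin;
}

// Decision a submit handler can act on: "allow" when nothing was silently
// filled, "confirm" when the user must be shown the fields first.
function reviewBeforeSubmit(form) {
  const silent = findSilentAutofill(form);
  if (silent.length === 0) {
    return { action: "allow", reasons: [], fields: [] };
  }
  const reasons = [`${silent.length} field(s) were filled automatically but are not visible on the page`];
  if (isCrossSiteTemplate(form)) {
    reasons.push(`form template comes from ${form.templateOrigin}, but the page is on ${form.pageOrigin}`);
  }
  return {
    action: "confirm",
    reasons,
    fields: silent.map((f) => ({ name: f.name, value: f.value })),
  };
}

// Text a browser could put in its confirmation dialog.
function formatPrompt(review) {
  if (review.action === "allow") {
    return "Submit form?";
  }
  const lines = ["This form will send values you did not type on this page:"];
  for (const f of review.fields) lines.push(`  ${f.name} = ${f.value}`);
  for (const r of review.reasons) lines.push(`Note: ${r}`);
  lines.push("Send anyway?");
  return lines.join("\n");
}

// Usage on the constructed form.
console.log(formatPrompt(reviewBeforeSubmit(SAMPLE_FORM)));
```

The check deliberately treats a visible autofilled field (the e-mail address here) as fine: the user can see it and chose to leave it. Only values the user never saw trigger the prompt, and the cross-site template note tells them why a site they never typed anything into already knows them.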