|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: R: Re: ICQ >= 99* + CC Data
Subject: Re: R: Re: ICQ >= 99* + CC Data
From: C. C. Camp (camp
CDCLA.COM)
Date: Thu Jan 20 2000 - 08:49:52 CST
- Next message: Mixter: "Overflows due to unexpected casts"
- Previous message: Taavet Hinrikus: "Re: ICQ >= 99* + CC Data"
- In reply to: Raistlin: "R: Re: ICQ >= 99* + CC Data"
- Next in thread: Jon Hadley: "Re: ICQ >= 99* + CC Data"
- Reply: C. C. Camp: "Re: R: Re: ICQ >= 99* + CC Data"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The feature is known as "Autocomplete" and can be turned off at the
individual field or entire form level. e.g. at the form level:
<FORM NAME=logon AUTOCOMPLETE="off" METHOD=POST onSubmit="......
see the Microsoft write-up on this "feature" at
http://msdn.microsoft.com/workshop/author/forms/autocomplete_ovr.asp
Note- the use of generic field names in forms is incompatible with Autocomplete.
e.g. if a developer names his fields arg1, arg2, .. argn, and their logical content
differs from page to page, then the user will be confused by IE5's behavior.
A field named "arg1" which has a stock symbol on one page but is used for
a part number on another page will be "completed" by an illogical value.
Date sent: Wed, 19 Jan 2000 13:32:52 +0100
Send reply to: Raistlin <raistctrade.it>
From: Raistlin <raistctrade.it>
Subject: R: Re: ICQ >= 99* + CC Data
Originally to: VULN-DEVSECURITYFOCUS.COM
To: VULN-DEVSECURITYFOCUS.COM
> > I read an article about that last night. Apparently, with the feature
> > turned on IE just looks at the field name in the HTML code, and throws
> > up a list of choices that you've previously used for the same field
> > name elsewhere.
>
> Anyone knows if there is some kind of attribute to tell IntelliNonSense not
> to do this even if enabled ?
>
> I mean, something like
> <INPUT TYPE="password" NAME="themostimportantpasswordinmylife"
> INTELLISENSE="vade_retro_satana">
>
> which tells IntelliSense to stay quiet and not to log the entry ?
>
> In my opinion, such a thing (if applied) would make the security problem a
> little easier to manage, since trusted, big, secure sites would activate
> this kind of protection on all their password & credit card entries,
> effectively making only useless data stay in IntelliSense database.
>
> Obviously, the best would be if Intellisense needed to be activated, not
> deactivated, as the simplest rules of security ask.
>
> Raist
- Next message: Mixter: "Overflows due to unexpected casts"
- Previous message: Taavet Hinrikus: "Re: ICQ >= 99* + CC Data"
- In reply to: Raistlin: "R: Re: ICQ >= 99* + CC Data"
- Next in thread: Jon Hadley: "Re: ICQ >= 99* + CC Data"
- Reply: C. C. Camp: "Re: R: Re: ICQ >= 99* + CC Data"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Thu Jan 20 2000 - 09:27:59 CST