-----Original Message----- From: Anthony Baxter [mailto:anthony@interlink.com.au] Sent: Wednesday, May 12, 1999 3:48 AM To: zope@zope.org Subject: [Zope] IE5 form entry horror.
one of the customer service people here just pointed out something of a horror problem (a week before go-live, yay).
IE5 appears to have a client-side cache of form entry values - so if someone returns to a page, they get a drop-box of previously entered values for this form field - this occurs even on a form accessed by https. To say that I'm somewhat unimpressed by this utter misfeature is something of an understatement. Imagine a kiosk setup, with a registration screen prompting for (amongst other things) a credit card number. Gee, let's use one someone entered earlier - pull down a little scrolly box.
oooooooooo.
aiieieieie. One thought that comes to mind is to make the form field name be a name with a random bit on the end. (Another thought that came to mind was to do a drive-by on the local MS office.) Anyway, the reason for the zope-post is that I'm thinking of hacking the field name converting so that you can do fieldname:type:end:anything and just finish looking for the type name after it hits the 'end' tag.
This is a 3 line patch to ZPublisher/HTTPRequest.py - would it offend anyone if it was added?
Not unless you're offending yourself. You can patch ZPublisher anyway you want, the question is if it will get into the official product. This will require much thought on our part, on the one hand it solves your specific problem and possible solves problems for lots of other people using that browser, on the other hand, it would be a step of obfuscation. Perhaps it could be made a modular solution? Go ahead and send the patch to the list, I'd be curious to look at it. -Michel
Anthony
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(For developer-specific issues, use the companion list, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )