one of the customer service people here just pointed out something of a horror problem (a week before go-live, yay). IE5 appears to have a client-side cache of form entry values - so if someone returns to a page, they get a drop-box of previously entered values for this form field - this occurs even on a form accessed by https. To say that I'm somewhat unimpressed by this utter misfeature is something of an understatement. Imagine a kiosk setup, with a registration screen prompting for (amongst other things) a credit card number. Gee, let's use one someone entered earlier - pull down a little scrolly box. aiieieieie. One thought that comes to mind is to make the form field name be a name with a random bit on the end. (Another thought that came to mind was to do a drive-by on the local MS office.) Anyway, the reason for the zope-post is that I'm thinking of hacking the field name converting so that you can do fieldname:type:end:anything and just finish looking for the type name after it hits the 'end' tag. This is a 3 line patch to ZPublisher/HTTPRequest.py - would it offend anyone if it was added? Anthony
Why not just turn off the auto-completion? ----- Original Message ----- From: Anthony Baxter <anthony@interlink.com.au> To: <zope@zope.org> Sent: Wednesday, May 12, 1999 8:48 AM Subject: [Zope] IE5 form entry horror.
one of the customer service people here just pointed out something of a horror problem (a week before go-live, yay).
IE5 appears to have a client-side cache of form entry values - so if someone returns to a page, they get a drop-box of previously entered values for this form field - this occurs even on a form accessed by https. To say that I'm somewhat unimpressed by this utter misfeature is something of an understatement. Imagine a kiosk setup, with a registration screen prompting for (amongst other things) a credit card number. Gee, let's use one someone entered earlier - pull down a little scrolly box.
aiieieieie. One thought that comes to mind is to make the form field name be a name with a random bit on the end. (Another thought that came to mind was to do a drive-by on the local MS office.) Anyway, the reason for the zope-post is that I'm thinking of hacking the field name converting so that you can do fieldname:type:end:anything and just finish looking for the type name after it hits the 'end' tag.
This is a 3 line patch to ZPublisher/HTTPRequest.py - would it offend anyone if it was added?
Anthony
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(For developer-specific issues, use the companion list, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
"Phil Harris" wrote Why not just turn off the auto-completion?
on every browser, everywhere in the world, that might access our site? quite a lot of the traffic we expect to be from internet cafes and other sites where the machines are shared, and poorly maintained... some research turned up a new option for input type=text of "autocomplete". testing here seems to show that it doesn't actually do anything.
one of the customer service people here just pointed out something of a horror problem (a week before go-live, yay).
IE5 appears to have a client-side cache of form entry values - so if someone returns to a page, they get a drop-box of previously entered values for this form field - this occurs even on a form accessed by https. To say that I'm somewhat unimpressed by this utter misfeature is something of an understatement. Imagine a kiosk setup, with a registration screen prompting for (amongst other things) a credit card number. Gee, let's use one someone entered earlier - pull down a little scrolly box.
aiieieieie. One thought that comes to mind is to make the form field name be a name with a random bit on the end. (Another thought that came to mind was to do a drive-by on the local MS office.) Anyway, the reason for the zope-post is that I'm thinking of hacking the field name converting so that you can do fieldname:type:end:anything and just finish looking for the type name after it hits the 'end' tag.
This is a 3 line patch to ZPublisher/HTTPRequest.py - would it offend anyone if it was added?
At 09:48 12-5-99 , Anthony Baxter wrote:
one of the customer service people here just pointed out something of a horror problem (a week before go-live, yay).
IE5 appears to have a client-side cache of form entry values - so if someone returns to a page, they get a drop-box of previously entered values for this form field - this occurs even on a form accessed by https. To say that I'm somewhat unimpressed by this utter misfeature is something of an understatement. Imagine a kiosk setup, with a registration screen prompting for (amongst other things) a credit card number. Gee, let's use one someone entered earlier - pull down a little scrolly box.
But can be switched off.... I think you can even check wether or not the setting is on, and refuse to serve that browser or something =). I personally find the feater very handy, specially when experimenting with ZClasses. Lots of textbox typing is saved with it. -- Martijn Pieters, Web Developer | Antraciet http://www.antraciet.nl | Tel: +31-35-6254545 Fax: +31-35-6254555 | mailto:mj@antraciet.nl http://www.antraciet.nl/~mj | PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149 ------------------------------------------
participants (3)
-
Anthony Baxter -
Martijn Pieters -
Phil Harris