Re: Internet Explorer 6 Form problems

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 62623
interpreted = N
texte = PS. I think you have a typo in your signature file. "US Merchant Systerms" If I am wrong please ignore. -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com] On Behalf Of Bess Ho Sent: Monday, July 18, 2005 2:31 PM To: WebDNA Talk Subject: Re: Internet Explorer 6 Form problems Many use POST because GET is not very secure in terms of security. GET is wild open that everyone with some IT knowledge can read all the parameters and hidden fields on GET form. It showed up on the URL, showing all the name and values including the hidden fields. Therefore it is easy for release sensitive information that provider or user didn't want to reveal. GET will show those parameters on URL even on a secured SSL website. It is not as simple as changing in between GET and POST. The method to pass the form field is different. If you change the form from GET to POST, you would have to change the processing page that handle the form fields. Bess Ho Business Analyst/Webmaster Dept of Marketing US Merchant Systerms 3125 Skyway Court Fremont CA 94539 Direct 510-771-2100 Ext 119 Fax 800-329-0961 bessh@usms.com www.usms.com -----Original Message----- From: Donovan Brooke [mailto:dbrooke@euca.us] Sent: Monday, July 18, 2005 1:43 PM To: WebDNA Talk Subject: Re: Internet Explorer 6 Form problems WebDna @ Inkblot Media wrote: > Let me clarify that ... It works ALL THE TIME if I change the form method > from Post to Get. It works all the time in my IE, but never in my Wife's and > some clients'. Thats what I'm talking about... POST method was originally design to send secured info (from what I can tell). If you read about it at w3 it talks about that. Basically, one should not be able to access a page that has expired via post method... (according to *an* interpretation of the standards). Also, P3P will utilize some rules for the POST method as well. It will probably have to do with the security level settings of IE, MimeHeaders, and could have something to do with P3P... but if there are no Cookies, my guess is that this is not the issue. POST *IS* different from GET.. an easy way to verify the Mimeheaders is by an outside website with that tool.. don't have time to look for one. Donovan -- =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o DONOVAN D. BROOKE Euca Design Center <-Web Development (specializing in eCommerce), -> <- Graphic Design, Custom Tags and Labels -> ADDRESS:> Donovan Brooke Euca Design Center 1871 HWY MM Fitchburg, WI 53575 PH:> 1.608.835.2476 Web:> http://www.egg.bz http://www.euca.us =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Internet Explorer 6 Form problems ( Donovan Brooke 2005)
  2. Re: Internet Explorer 6 Form problems ( Donovan Brooke 2005)
  3. Re: Internet Explorer 6 Form problems ( Gary Krockover 2005)
  4. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  5. Re: Internet Explorer 6 Form problems ( Jim Lanford 2005)
  6. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  7. Re: Internet Explorer 6 Form problems ( Donovan Brooke 2005)
  8. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  9. Re: Internet Explorer 6 Form problems ( Bess Ho 2005)
  10. Re: Internet Explorer 6 Form problems ( Bess Ho 2005)
  11. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  12. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  13. Re: Internet Explorer 6 Form problems ( Bess Ho 2005)
  14. Re: Internet Explorer 6 Form problems ( Donovan Brooke 2005)
  15. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  16. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  17. Re: Internet Explorer 6 Form problems ( Donovan Brooke 2005)
  18. Re: Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
  19. Re: Internet Explorer 6 Form problems ( Donovan Brooke 2005)
  20. Internet Explorer 6 Form problems ( "WebDna @ Inkblot Media" 2005)
PS. I think you have a typo in your signature file. "US Merchant Systerms" If I am wrong please ignore. -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com] On Behalf Of Bess Ho Sent: Monday, July 18, 2005 2:31 PM To: WebDNA Talk Subject: Re: Internet Explorer 6 Form problems Many use POST because GET is not very secure in terms of security. GET is wild open that everyone with some IT knowledge can read all the parameters and hidden fields on GET form. It showed up on the URL, showing all the name and values including the hidden fields. Therefore it is easy for release sensitive information that provider or user didn't want to reveal. GET will show those parameters on URL even on a secured SSL website. It is not as simple as changing in between GET and POST. The method to pass the form field is different. If you change the form from GET to POST, you would have to change the processing page that handle the form fields. Bess Ho Business Analyst/Webmaster Dept of Marketing US Merchant Systerms 3125 Skyway Court Fremont CA 94539 Direct 510-771-2100 Ext 119 Fax 800-329-0961 bessh@usms.com www.usms.com -----Original Message----- From: Donovan Brooke [mailto:dbrooke@euca.us] Sent: Monday, July 18, 2005 1:43 PM To: WebDNA Talk Subject: Re: Internet Explorer 6 Form problems WebDna @ Inkblot Media wrote: > Let me clarify that ... It works ALL THE TIME if I change the form method > from Post to Get. It works all the time in my IE, but never in my Wife's and > some clients'. Thats what I'm talking about... POST method was originally design to send secured info (from what I can tell). If you read about it at w3 it talks about that. Basically, one should not be able to access a page that has expired via post method... (according to *an* interpretation of the standards). Also, P3P will utilize some rules for the POST method as well. It will probably have to do with the security level settings of IE, MimeHeaders, and could have something to do with P3P... but if there are no Cookies, my guess is that this is not the issue. POST *IS* different from GET.. an easy way to verify the Mimeheaders is by an outside website with that tool.. don't have time to look for one. Donovan -- =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o DONOVAN D. BROOKE Euca Design Center <-Web Development (specializing in eCommerce), -> <- Graphic Design, Custom Tags and Labels -> ADDRESS:> Donovan Brooke Euca Design Center 1871 HWY MM Fitchburg, WI 53575 PH:> 1.608.835.2476 Web:> http://www.egg.bz http://www.euca.us =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ "WebDna @ Inkblot Media"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Multipart Form - Ascertain File Type (2007) Webmerchant confirmation hooks? (1997) WebCatalog NT beta 18 problem (1997) NOT Search (1998) [Webcat 2]Next (1997) [WebDNA] Migrating site (2017) Is this possible, WebCat2.0 and checkboxes (1997) Searching multiple criteria (2000) Getting Total Quantity (1997) Change Subtotal (2000) Encrypted items in DB (2001) problems with 2 tags (1997) Replacing a variable within a variable. (1998) WC2.0 Memory Requirements (1997) Country & Ship-to address & other fields ? (1997) Nested tags count question (1997) Erotic Sites (1997) Remote Admin Design Question (1998) Catalog Design (1999) [OT] Search Engine Tips (2003)