I've recently begun using HTML::FillInForm to redisplay CGI forms with errors highlighted. I'm curious about security issues with redisplaying password fields.
It seems that if I'm sending the password the server as plain text,
the security is not much worse to have it sent back as plain text. However,
would having the password field pre-filled possibly cause a browser to cache it
in that state? I realize this question isn't specific to Perl, but I thought someone might have a pointer on it. Thanks!
Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
Want more info? How to link
or How to display code and escape characters
are good places to start.