Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re^2: Quest: a bulletproof-secure, automated scraper

by cLive ;-) (Prior)
on Mar 19, 2005 at 06:21 UTC ( #440880=note: print w/replies, xml ) Need Help??

in reply to Re: Quest: a bulletproof-secure, automated scraper
in thread Quest: a bulletproof-secure, automated scraper

bank of america, seems to use a static field to login ... should be fairly easy for the less scrupulous people to break in as well, since all they have to do is get into your machine, and check your browsers auto-complete data.

Actually, they don't cache the password, even though it's static. I was just examining the JavaScript on the page trying to work this one out. I checked my saved form fields in firefox, and they do save my user id in full, but that's all. I haven't looked at it in detail, but my guess is they generate the password field that is submitted using JS and then that doesn't get cached because the browser doesn't "see" it. Though, this is only a guess (I only spent 5 minutes browsing code and didn't go as far as to grab the JS source.

B of A has a very neat online banking UI. Being in this area a bit myself, I'm continually impressed as to how well it performs across several browsers / platforms.

cLive ;-)

  • Comment on Re^2: Quest: a bulletproof-secure, automated scraper

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://440880]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (2)
As of 2022-08-19 20:47 GMT
Find Nodes?
    Voting Booth?

    No recent polls found