I've recently begun using HTML::FillInForm to redisplay CGI forms with errors highlighted. I'm curious about security issues with redisplaying password fields.
It seems that if I'm sending the password the server as plain text,
the security is not much worse to have it sent back as plain text. However,
would having the password field pre-filled possibly cause a browser to cache it
in that state? I realize this question isn't specific to Perl, but I thought someone might have a pointer on it. Thanks!
-mark