Home Articles FAQs XREF Games Software Instant Books BBS About FOLDOC RFCs Feedback Sitemap
irt.Org

Feedback on: HTML #5 - Using feedback forms, October 05, 1998 at 05:23:18:

You are here: irt.org | About | Feedback | 23 [ previous next ]

Feedback on:
HTML #5 - Using feedback forms

Sent by
Paul Bennett on October 05, 1998 at 05:23:18:> For example, a form-to-email script
> might look at a hidden control in order
> to find out which e-mail address it
> should send the form to

This can be a really bad idea. Unless
you do this carefully, you give me the
ability to send arbitary e-mail from your
server to anyone I want to - you've
created an anonymous re-mailer. And
don't start talking about the CGI
HTTP_REFERRER field - I can get
around that by telnet'ing to your HTTP
port.


Paul.

Other feedback on 'HTML #5 - Using feedback forms' - show all

©2018 Martin Webb