[prev in list] [next in list] [prev in thread] [next in thread]
List: kfm-devel
Subject: Re: Outstanding critical issue for KDE 2.2
From: Kurt Granroth <granroth () suse ! com>
Date: 2001-08-01 21:01:15
[Download RAW message or body]
On Wednesday 01 August 2001 01:18 pm, Malte Starostik wrote:
> Forms can use an attibute ("nocomplete" IIRC, dunno exactly) to disable
> completion for some fields. That attribute is honoured by both IE and
> KHTML, any other text field is completed. But I agree, information entered
> into SSL forms should not be stored.
Actually, you agree to something I did not say ;-) I *like* having the
autocompletion even in SSL forms. 90% of entries on SSL forms are name,
email address, snail address, and the like. Those are a PITA to write
everytime so the autocompletion is a huge timesaver. Those entries are also
fairly public in that I don't mind if anybody sees them.
I will admit that it's disconcerting to see credit card numbers written to
the formcompletions cache, though. Sure, those sites are "broken".. but
that's not much of an excuse.
On the other hand, there *is* some modicum of security still in place. My
$HOME/.kde2 directory and formcompletions file are readable only by me (and
root). If somebody were to crack my system, then the info stored in
formcompletions would be the least of my worries since I also store all of my
passwords to all of the ecommerce sites I go to on my computer.
Hmm...
--
Kurt Granroth | http://www.granroth.org
KDE Developer/Evangelist | SuSE Labs Open Source Developer
granroth@kde.org | granroth@suse.com
KDE -- Conquer Your Desktop
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic