How I do to force the browser to not store the html form field data?
When typing in html forms, browsers like firefox or ie store the values, sometimes quietly. So when typing in another webforms, the browser smartly suggest the same information. Another method to show the dropdown list is double-clicking an empty textbox.
In a e-commerce website, the customer type the credit card number, and another sensitive information. How I do to avoid or block the browser to store that sensitive information?
Another worry is about tampered form data stored (by a malware, by example). Then the customer can select this contaminated data and compromise the site.
Regards.
See a longer discussion here:
How do you disable browser Autocomplete on web form field / input tag?
It looks like autocomplete="off" will work in some cases but it is not XHTML compliant.
Try with the atribute autocomplete="off"
It should work for single input elements:
<input type="text" autocomplete="off" name="text1" />
or to the entire form:
<form name="form1" id="form1" method="post" autocomplete="off"
action="http://www.example.com/action">
[...]
</form>
And specifically for ASP .NET you can set it like this:
The WebForms form:
<form id="Form1" method="post" runat="server" autocomplete="off">
Textboxes:
<asp:TextBox Runat="server" ID="Textbox1" autocomplete="off"></asp:TextBox>
or at runtime:
Textbox1.Attributes.Add("autocomplete", "off");
It is good to use the autocomplete="off" for public computers when you store data like usernames, credit card numbers and such.
So if you build a intranet system it would be OK to do it.
链接地址: http://www.djcxy.com/p/4486.html上一篇: HTML表单只读选择标记/输入