prevent_lucy_from_collecting_passwords_in_form_submits
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
prevent_lucy_from_collecting_passwords_in_form_submits [2019/07/25 12:49] – external edit 127.0.0.1 | prevent_lucy_from_collecting_passwords_in_form_submits [2022/04/07 19:59] (current) – lucy | ||
---|---|---|---|
Line 21: | Line 21: | ||
</ | </ | ||
+ | ===== Option 2: Do not collect any data ===== | ||
+ | To exclude the credentials from the POST request one should empty the name attribute of the login and password fields. So the form on index.html will look as follows: | ||
- | ===== Option | + | <form action="? |
+ | <input class=" | ||
+ | <input class=" | ||
+ | In that case neither user login nor password will leave the victims browser. | ||
+ | |||
+ | ===== Option | ||
{{ 3letters_.png? | {{ 3letters_.png? | ||
Line 76: | Line 83: | ||
</ | </ | ||
</ | </ | ||
+ | |||
+ | | ||
+ | |||
+ | Sometimes there is a need to ask users for some extra information in the form where their credentials are supposed to be filed in and as a consequence, | ||
+ | |||
+ | As you can see on the screenshot below, this form has two fields for entering the credentials (Login name and the Password). Let’s try to understand what does it consist of? | ||
+ | |||
+ | |||
prevent_lucy_from_collecting_passwords_in_form_submits.1564051798.txt.gz · Last modified: 2019/07/25 12:49 by 127.0.0.1