On 1/13/06, Cornillon, Matthieu (Consultant) <[EMAIL PROTECTED]> wrote: > I use the autocomplete="off" approach with much success. I am curious > though: is it true that you can override this setting from within the > client?
Yup. You have absolutely no control over what the client does. As developers we trust that our users use a certain browser or have a certain set of possible configurations, but you will never have control over the end user's computer, and you should make (some) decisions based on this assumption. You can make a best effort to prevent the user from storing a credit card number in an auto fill field, but at the end of the day they control what they do with their own computer. I see that you are at a Pfizer email address, possibly meaning that you are developing applications for internal consumption. In this case you do have a little bit more control over the client than a typical public facing website, but don't ever underestimate your user's ability to tinker, adjust, and screw up their own machine configurations. At some point, you just have to say "I've done a reasonable amount of preventative measures, and I have to trust that the user will not attempt to circumvent them". -Cameron -- Cameron Childress Sumo Consulting Inc http://www.sumoc.com --- cell: 678.637.5072 aim: cameroncf email: [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:229597 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
