At 11:45 PM 12/21/2005, Neil Atwood typed:
There is no 'hidden' email address in the form (as such).
The simplest forms use something like this
<FORM action="mailto:[EMAIL PROTECTED]" method="post">
instead of scripting and these are equally harvestable
It's encoded by server-side scripting, so the answer is no, the
spambots have nothing to harvest.
That's the way it should be to prevent harvesting
<FORM action="http://www.wavijo.com/cgi/somescript.cgi"; method="post">
but people that have sites that don't support scripting such as
GeoCities have no choice other than to get another webhosting service.
As you probably know any Input can equal Hidden, Text, Password,
Checkbox, Radio, Submit, Reset, File or Image such as
<INPUT TYPE=hidden NAME=recipient VALUE="[EMAIL PROTECTED]">
<INPUT TYPE=hidden NAME=subject VALUE="Feedback on your HTML Reference">
I'm not arguing that forms used with scripting aren't secure or not
but rather just pointing out that the simplest form action like I
have at the top should be avoided at all costs as it's no better than
using mailto: elsewhere in the html. Here is a website devoted to
revealing the problems with using "action="mailto:........";
<http://www.isolani.co.uk/articles/mailto.html>
----------+----------
Wayne D. Johnson
Ashland, OH, USA 44805
<http://www.wavijo.com>
