Stuart Ballard wrote:
>
> [EMAIL PROTECTED] wrote:
> >
> > [EMAIL PROTECTED] wrote:
> > > I know there is a tag in IE Autocomplete="off". . .
> > > We need this as a security issue for credit card # entry. Is there a
> >
> > I hope to God that you're not putting something that sensitive in a URL.
> > If so, you're not asking for trouble, you've already got it - and getting rid
> > of autocomplete will not protect you.
>
> He's not talking about the URL, he's talking about form auto-fill. And
> he has a point. You can't implement credit card entry without putting it
> in a form *somewhere*...
If he's talking about form auto-fill, there's a preference to turn it off
available on the preferences dialog.
There's no way for a *site* author to turn it off, though. Not sure if
that's a good or bad idea. It would help folks too stupid to think saving a
credit card might be a bad idea, but make life harder for folks who want the
convenience and are smart enough to save the credit card information
security encrypted (as mozilla and Netscape 6 can do, but don't by default).
It would also be a non-standard tag attribute, and we sort of frown on that.
-Dan Veditz
