YANG ChengFu <[email protected]> writes: > yes, I want to prefilling field from cookie, thanks for your suggestion, I > will take a look at it 1
I will mention that at least Firefox, and I thought most browsers these days, have built-in support for remembering usernames and passwords on web sites, and usually do that somewhat more securely than with cookies. (For example, Firefox can optionally encrypt the database in a master password, and I think Safari uses the Mac OS X keychain.) If your users are using standard browsers, you may want to push them that way instead for the password part of things. (We try to discourage our users from doing that with our WebLogin server, at least unless they enable a master password or some sort of secondary authentication, but it's protecting salary information, student grades, private email, and so forth. If you're protecting things that aren't as high-value, it might be a worthwhile tradeoff.) -- Russ Allbery <[email protected]> Technical Lead, ITS Infrastructure Delivery Group, Stanford University
