change list for WebCore/JavaScriptCore version 60

George Staikos staikos@kde.org
Sat, 15 Feb 2003 12:38:48 -0500 

On Friday 14 February 2003 18:37, Trey Matteson wrote:
> On Friday, Feb 14, 2003, at 14:59 US/Pacific, Dirk Mueller wrote:
> >> - added ways to detect pages that have password fields or are secure
> >> forms so we know not to save the values in them
> >
> > interesting, we have that password-not-caching in HEAD, but we got a
> > lot of
> > complains about this.
> >
> > what is the idea behind skipping the session-state saving of secure
> > forms?
> > this means that upon "back" when you mistyped something in your home
> > banking
> > you can start from scratch.
> >
> > the history is transient, when you close the window its gone.
>
> Wells Fargo chose to block access via Safari when they discovered that
> the password and account name could be available via back/forward.
> Everyone here agreed we should never save/restore a password field.  In
> addition we decided to be additionally conservative as to not
> save/restore any forms that are submitted via https that contain a
> password field.  This matches WinIE (but not MacIE).

   I completely agree with this.  I actually believe that it should go further 
and not save any https forms considering that they often have credit card 
numbers or other personal data.  We had this discussion in the past where 
people believe that it was even a good idea to save this information in the 
form autocomplete history too!

> You can certainly make arguments for and against the value of this
> choice.  Since the size of these forms is typically only two fields, we
> decided to accept the inconvenience of retyping a field when going back
> in return for a slight reduction of security risk, and a greater level
> of acceptance by sites who are paranoid.  We are watching for strong
> user feedback that this choice is incorrect, and could possibly revisit
> it.

   I think you have made the right choice despite what some users may want.  
We are working on a wallet system for storing this data for future 
auto-fill-in as well.  Then the user can enter a password to unlock the 
wallet, and use it to fill in these forms quickly.  I think this is the 
ultimate solution.  It provides the convenience, and the security.

-- 

George Staikos