Hi,
> I have a login page which requires a username and a password.
> When the user logs in, the url in the browser shows the cleartext
> value of the password. Obviously, that is a huge security problem,
> and I would suggest that Embperl should not put the value of a
> field in the URL if the input field from which is came was of type
> password. Is there any way to turn off this display of the password
> field?
just use METHOD=POST in your login page <FORM> tag instead of GET.
Rgds,
Tfr
--==< [EMAIL PROTECTED] >==< http://tfr.cafe.ee/ >==< +1-504-4467425 >==--
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
