Win a copy of Transfer Learning for Natural Language Processing (MEAP) this week in the Artificial Intelligence and Machine Learning forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Tim Cooke
  • Paul Clapham
  • Devaka Cooray
  • Bear Bibeault
  • Junilu Lacar
  • Knute Snortum
  • Liutauras Vilda
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Piet Souris
  • salvin francis
  • Carey Brown
  • Frits Walraven

Locked Down HTML Input Fields

Posts: 3072
Android Eclipse IDE Angular Framework TypeScript Redhat MicroProfile Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So frustrating .. I am trying to make a on-line purchase, it fails, and I am presented a Java stack trace.  I copy the trace to the clipboard, navigate to the support page to let them know there's a problem, and discover that the HTML form has all the input fields locked-down so that I can't paste the details of the error.

For example:
What is the logic behind doing this?
Posts: 4856
IntelliJ IDE Python Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can you edit the page locally with your browser development tools to allow you to paste in and submit it?

It's does seem needlessly restrictive though I agree.
Saloon Keeper
Posts: 6377
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

It's does seem needlessly restrictive

Depends on whose needs this is supposed to meet. The needs of customers needing to register a complaint are not being met. The need of the customer support folks not to receive too many work requests, very much so.
Ranch Foreman
Posts: 95
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
From what I experienced myself over the years this often happen in one of two ways:
1) registration needed before submit is "allowed" (and the disabled form is kind of a "teaser" like: "look, here's what you get when you register" - although only really a problem for someone not knowing how to use dev-tools)
2) order of validation: although way less common I got some forms where you had to follow an order its dev wanted you to follow, like first enter contact details and only if they passed some very basic "validation" then the rest of the form tags was enabled via JS
As both can be "cracked" rather easy, and doesn't protect against bot abuse at all, it's more annoying than anything else.
And in this very case, were you get just a stacktrace instead of some error message, sounds more like there's more wrong on the dev side than just that annoying bug report form. I would try to get some e-mail-address and contact them directly about all those issues. And if they don't change it rather quick I may would consider not to use this site any longer.
Saloon Keeper
Posts: 21963
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The developers shouldn't really need what's on the form, if they've done their job right. Although I suppose that getting a stack trace is ipso facto an indication that the job wasn't really done right. Still, the stack trace should at least be a guideline. A screen shot wouldn't hurt, though.

Then again, I find that very rarely can you get a problem report actually back to the developer when you have a situation like this, and that's even if the developer was someone in-house and not offshore body shop or a third-party package.

Personally, anyone who puts forbidding of this degree on their webpage isn't likely to get my business anyway. I use a password vault and password fields that forbid pasting from the vault are much less secure than ones that allow pasting. Non-paste sites mean that anyone who's nearby can see what password I'm typing, plus I probably have had to retrieve and display a plain-text copy of the password to type in, since only an idiot would have the same easily-remembered password for everything.
Evil is afoot. But this tiny ad is just an ad:
Two software engineers solve most of the world's problems in one K&R sized book
    Bookmark Topic Watch Topic
  • New Topic