Why You Shouldn’t Keep Important Data In HTML Forms

HTML forms are the predominant way to collect data from a user on the web. Signing up for newsletters, making purchases, and taking any other data from users are all done through forms. When dealing with sensitive values, such as the amount of a monetary transaction, it is important to keep that value on the backend rather than in the form itself; otherwise a knowledgeable person can change the data in your form to their own ends.

While on my trip to Florida, I didn’t want to pay $11.95 a night for wifi. The cost by the time I left the hotel would have been almost as much as I pay for high speed internet in my apartment for a month. I didn’t care for this value proposition, so I began exploring other options. I tried using my Droid as a wifi hotspot, but I started having connection issues and had to give up. As a last resort, I Googled “free [hotel name] wifi” and found this link, which explains to anyone with some programming knowledge how to do it using a Firefox plug-in called Firebug, which lets you monitor and edit a webpage from within the browser.

To do this little trick, you would connect to the hotel’s wifi and bring up any webpage, which will redirect you to the form to purchase wifi. Click the little bug icon to open the Firebug console and click HTML. In the search box, type 11.95 (or whatever the price is) and hit enter. Only two results will show up in the page: the price as it appears in the text and a hidden form element. Change the 11.95 in the hidden form element to 0.95, fill out the form in the webpage as normal, then hit submit. Once the form processes, you have 24 hours of wifi for less than a dollar.

Valuable information, like the price of merchandise or wifi, needs to be controlled in a way that an external user cannot affect. In the case of the wifi, the price should be displayed to the user, but the actual monetary value should be held on the server, where the user cannot directly change it. While mechanisms like coupon codes can be used to modify the price in a merchant-controlled way, an enterprising user with some computer knowledge should not be able to name their own price against the merchant’s wishes. Such situations need to be considered and tested for by a developer before a website goes live; otherwise customers who are savvy enough to find the holes will exploit them for their own ends.

A good programmer needs to consider the angles and protect against those who may attempt to hack their sites, from checking form fields for injection to keeping sensitive data away from the user. Otherwise people like myself, or the writer of the blog that informed me of the loophole, will take advantage to our own ends, like making the cost of hotel wifi more to our liking.
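The two points above (the price must live on the server, and every submitted field must be validated) can be shown side by side in a small backend handler. The following is an added example written for this post, not code from the hotel's system or from the author; the plan names, prices, secret key and form dictionaries are constructed placeholders. It contrasts a handler that trusts the hidden `price` field with one that looks the price up server-side and treats a disagreeing `price` field as a tampering signal worth logging. It also goes a little beyond the post: when a value genuinely has to round-trip through a hidden field (a quote, for instance), an HMAC tag makes edits detectable.

```python
import hashlib
import hmac
import logging
from decimal import Decimal, InvalidOperation

# Constructed server-side catalogue: the only source of truth for prices.
# Plan ids and amounts are hypothetical, not the hotel's real figures.
CATALOG = {
    "wifi-24h": Decimal("11.95"),
    "wifi-7d": Decimal("49.95"),
}

# Constructed key for the signed-field variant; a real deployment would load
# this from a secret store, never from source.
SECRET_KEY = b"example-server-secret-not-for-production"

log = logging.getLogger("checkout")


def charge_vulnerable(form):
    """The pattern the post warns about: the amount charged is whatever the
    browser sent in the hidden 'price' input, so editing that input (with
    Firebug, cURL, or anything else) sets the price."""
    return Decimal(form["price"])


def price_was_tampered(form, server_price):
    """True when a client-supplied 'price' field disagrees with the server's
    figure. Non-numeric junk counts as tampering too. A missing field is not
    tampering; the hardened handler never needed it in the first place."""
    submitted = form.get("price")
    if submitted is None:
        return False
    try:
        return Decimal(submitted) != server_price
    except InvalidOperation:
        return True


def charge_hardened(form):
    """The amount comes from the catalogue keyed by plan id. The submitted
    'price', if any, is only compared against it so mismatches can be logged
    and investigated; it never influences what is charged."""
    plan = form.get("plan")
    if plan not in CATALOG:
        raise ValueError(f"unknown plan {plan!r}")
    price = CATALOG[plan]
    if price_was_tampered(form, price):
        log.warning("price mismatch for plan %s: client sent %r, catalogue says %s",
                    plan, form.get("price"), price)
    return price


def sign_field(name, value):
    """Tamper-evident encoding for a hidden field the server must round-trip.
    Binding the field name into the MAC stops a tag being moved between fields."""
    msg = f"{name}={value}".encode()
    tag = hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()
    return f"{value}|{tag}"


def verify_field(name, signed):
    """Return the original value, or raise if the field or its tag was edited."""
    value, sep, tag = signed.rpartition("|")
    if not sep:
        raise ValueError(f"hidden field {name!r} is not signed")
    expected = hmac.new(SECRET_KEY, f"{name}={value}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError(f"hidden field {name!r} failed integrity check")
    return value


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    # Constructed submission with the hidden price edited from 11.95 to 0.95.
    edited = {"plan": "wifi-24h", "price": "0.95"}
    print("vulnerable handler charges:", charge_vulnerable(edited))
    print("hardened handler charges:  ", charge_hardened(edited))
    print("signed field:", sign_field("price", "11.95"))
```

Two things to take from the hardened handler: it does not care how the request was produced, so posting with cURL instead of the browser changes nothing, and the tampering check is pure detection, not a security control, which is why the charge is computed before the comparison rather than from it. The signed field is the weaker option and only belongs where a value truly cannot be recomputed server-side; on its own it still allows an old signed value to be replayed, so a real quote would also carry an expiry or nonce under the same MAC.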

  • I always keep a copy of cURL handy. This allows me to post to any URL without going through pesky web forms. Works wonders.
    🙂 stw

    • And that’s why I always check the submitting IP address in my forms to make sure they come from a trusted source.
