Jump to content

Preventing browsers from saving input box data


drewbee

Recommended Posts

Since we all know browsers now a days have a nifty little feature to save the information put into textboxses for later use, I am curious if there is a way to prevent this from happening?

 

I have the need to obtain sensitive data from a user, lets say a credit card.

 

So we have the input box requesting credit card information. The user puts it in and is prompted with the box 'Do you want xxx browser to remember this information'. Lets say our user clicks on the 'remember' button and thus the credit card number is stored in the browser for later use.

 

Should it happen to be a public computer, another person sites down and gets ready to buy something as well and as he/she clicks into the credit card box, a nice little pre-filled out credit card number is ready to go for them.

 

What can be done to prevent this? As far as I know there is no attribute to tell it not to remember this information in specific fields. At best I could randomize the input's name on each page load thus not worrying about what the user puts in.

 

This is simply something to protect users from there own stupidity, and if anyone has any tips, please feel free to share them or your thoughts on this situation!

Link to comment
Share on other sites

Your desire to protect the user is honorable but most likely futile. I am not aware of anything that can be done on your end to prevent the user from storing his cc# in the browser. You could display a warning telling the user not to do that but beyond that I don't think there is anything else you can do.

Link to comment
Share on other sites

What you are asking about is akin to removing all choice from the end user. Keep in mind that the "remember" feature is indeed simply a feature of the browser and can therefore be turned off by the user. Along the same lines, the feature is typically disabled or removed entirely at most public places such as libraries.

 

In addition, most browsers that remember certain features will by default ignore certain name field matches (such as SSN and CC information). Again, this varies from browser to browser as well as what 3rd party form memory application may be installed (such as RoboForm), so there is no way to account for all of them.

 

The desire to protect the user from himself is definitely admirable, but it is something that you cannot always do.

Link to comment
Share on other sites

Yes; I agree! The only thing I have come up with so far is a textarea. I have not come across a browser that remembers the textarea field. I guess I could format it to look like a input box, remove scrolling etc. Almost more work then what is necessary. But it is a start. :)

Link to comment
Share on other sites

You can do this with AJAX.

 

just put your inputs, but dont put them in a <form> tag

so that the browser wont remember it.

 

then at the end put in this:

 

<button onClick="ajax_function()">

Send Data

</button>

 

then use javascript to save the users inputed information

and then send it to a page with PHP, tell that page to

process the data and then return the results. Seems like

a lot to do, but if you are serious about preventing browsers

from saving the data, you might want to consider what i

wrote above.

Link to comment
Share on other sites

Yup; and at times it may be neccessary to force javascript on in the browser. (Or some type of detection for it). The percentage of people with javascript off isn't too terribly high. I think based off of odds of people with javascript off and who 'save information' and who have it on but use the technique above to avoid saving information reduces that number to a very very small fraction (those who have it off and 'save information') of people.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.