mailing list archives
Re: Mac Netscape password fields
From: CDE Francis <fuy () jhu edu>
Date: Mon, 26 Nov 2001 09:58:25 -0500
At 10:27 AM -0600 2001/11/21, behr () math niu edu wrote:
I apologize if this is well known, but the thread about IE password
inputs reminded me of a somewhat more serious problem in Netscape for
MacOS (v. 4.77, and at least some earlier ones):
A few fast Google searches did not reveal any highly ranked pages
that discuss this problem, therefore it isn't "well known".
access a page with <input type="password" ...>
type something in that field
The "secret" string prints in clear text.
I just downloaded a fresh copy of the latest Communicator (v4.79)
and it still exhibits this security flaw. I wonder what the point
of 4.79 is, if it doesn't fix bugs like this?
Francis Uy, Web Coordinator http://www.cty.jhu.edu/cde/ 410-516-0162