ASP.net Core 2.2 MVC Web Application
I have a number of forms where I do NOT want the browser to cache/show any previous entered data when the user return to the page. I want the elements/form to NOT cache any information. I do not simply want the browser not to show previously entered information, I want it not to be cached for security reasons.
I tried decorating the controller method with:
[ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]
to no avail, when I again navigate to the page/form and start typing, previously entered values keep showing up as autocomplete options.
I've tried playing with every nuance of this as well:
Response Caching Middleware in ASP.NET Core
How is this done for all browsers nowadays?
Sounds like it is caused by the autocompletion feature of browser:
By default, browsers remember information that the user submits through fields on websites. This enables the browser to offer autocompletion (that is, suggest possible completions for fields that the user has started typing in) or autofill (that is, pre-populate certain fields upon load).
To disable this feature for a form:
<form autocomplete="off">
...
</form>
Or disable a field :
<input ... autocomplete="off">
Here's a detailed explanation on off
The "off" keyword indicates either that the control’s input data is particularly sensitive (for example the activation code for a nuclear weapon); or that it is a value that will never be reused (for example a one-time-key for a bank login) and the user will therefore have to explicitly enter the data each time, instead of being able to rely on the user agent to prefill the value for him; or that the document provides its own autocomplete mechanism and does not want the user agent to provide autocompletion values.
For more details, see how to disable autocompletion on MDN and w3c.org
Hope it helps.
You can use autocomplete="off" for html elements but chrome prevent this for some names like "name", "address" etc.
This topic was discussed earlier. Chrome ignores autocomplete="off"
Related
I am testing my web application using Selenium. All the form validation in the web application is done by HTML5 and some JS(for safari browser). I want to know what is the proper way to test the form validation.
Currently I am using one approach, i.e Before I filled up a mandatory field I clicked on the submit button. If the page is not refreshed then I assume the form validation working correctly. But I think there should be a better approach to do it. I am unable to find any proper solution. Any suggestion will be highly appreciated.
I also go through this link. But it is not working for me because it is not enough to have required attribute (eg required attribute does not work in older Safari browser).
Rather than checking if the page is refreshed or not, you should instead expect that it is not and that a certain error message or field highlighting or something is applied to the current page. When in an error state, the input fields probably get given an extra class, or an error div/span might be added to the DOM, try checking for that sort of thing
Is there some kind of attribute that'll block Safari and Chrome's address and contact info on a certain HTML <input>.
I have an EmailSubject field in one of my forms and Safari (iOS and dekstop) treats it as an email input and enters the user's email address in the field.
I am definitely not looking to disable autocomplete, not even a jQuery code that'll disable it only on WebKit browsers, just looking for some sort-of built in WebKit attribute for the input itself. Google couldn't help with on this one.
Sometimes I notice this strange behavior on Chrome and Safari, when there are password fields in the same form. I guess, the browser looks for a password field to insert your saved credentials. Then it autofills (just guessing due to observation) the nearest textlike-input field, that appears prior the password field in DOM. This may also appear for email, home address etc. As the browser is the last instance and you can not control it, sometimes even autocomplete=off would not prevent to fill in credentials. This readonly-fix worked for me.
<!-- fix browser address/password etc fill in:
set readonly and set writeble on focus (click and tab) -->
<input type="search" readonly
onfocus="$(this).removeAttr('readonly');"/>
I'm using the eeHarbor polls module and need help with the following:
As the code is currently configured, the poll question displays on my homepage. If the user either selects an option and casts a vote, or clicks on the "view results" option, the results are then displayed within the same area on the homepage (replacing the poll questions and options).
I would like to have the results (either after a vote is cast or after the user selects "view results") displayed on a different page, where I can add related content. Does anyone know how I may edit the poll module's parameters to make this happen?
Also, the poll module creates all new polls with 2 possible voting options/answers. There is a link to click that should allow the admin to "add options" or "add other option" but clicking this link doesn't dork, leaving me with only 2 options for every poll.
I have uninstalled and reinstalled the module with no change.
Any ideas why this is happening and how it may be resolved?
Check the FAQ page here: http://eeharbor.com/polls/faq
Can I change the return URL for a given poll?
Yes, as of version 1.4 you can add a hidden form element with the name of "return_url" to specify the url you would like a user to be sent to after submitting a poll.
<input type="hidden" name="return_url" value="" />
Situation: I needed to add form with POST method to CMS page. I created custom hook and a module displaying the form successfully. Then I need to react to user input errors eg. when user doesn't enter email address I need to detect it, display the whole page again together with the form and with "errors" in user input clearly stated.
Problem: The problem is to display the WHOLE page again with connected information (eg. about errors etc.). In the module PHP file when I add this kind of code,
return $this->display(__FILE__, 'modulename.tpl');
it (naturally) displays ONLY the form, not the whole CMS page with the form.
In case of this code,
Tools::redirectLink('cms.php?id_cms=7');
I can't get to transfer any information by GET neither POST method.
$_POST['test'] = 1;
Tools::redirectLink('cms.php?id_cms=7&test');
I tried to assign to smarty variables too
$smarty->assign('test', '1');
(I need to use it in .tpl file where the form itself is created) but no way to get it work.
{if isset($test)}...,
{if isset($smarty.post.test)}...,
{if isset($_POST['test'])}... {* neither of these conditionals end up as true *}
Even assigning a GET parameter to url has no impact, because there is link rewriting to some kind of friendly url I guess, no matter I included other argument or not. ([SHOPNAME]/cms.php?id_cms=7&test -> [SHOPNAME]/content/7-cmspage-name)
My question is: is there a way to "redirect" or "reload" current page (or possibly any page generally) in prestashop together with my own data included?
I kind of explained the whole case so I'm open to hear a better overall solution than my (maybe I'm thinking about the case in a wrong way at all). This would be other possible answer.
The simplest method would be to use javascript to validate the form - you can use jQuery to highlight the fields that are in error; providing visual feedback on how the submission failed. In effect you don't allow the user to submit the form (and thus leave the page) until you're happy that the action will succeed. I assume that you will then redirect to another page once a successful submission has been received.
There's lots of articles and how-tos available for using javascript, and indeed jQuery for form validation. If you want to keep the site lean and mean, then you can provide an override for the CMS controller and only enqueue the script for the specific page(s) you want to use form validation on.
If the validation is complex, then you might be best using AJAX and just reloading the form section of your page via a call to your module. Hooks aren't great for this kind of thing, so you might want to consider using an alternative mnethod to inject your code onto the cms page. I've written a few articles on this alternative approach which can be found on my prestashop blog
I'm building a website with very small amounts of Javascript, just to add things to the page (like a contact form) without having to go to a new page.
I understand that I should build the contact page anyways (just in case the user doesn't have javascript turned on) and then use javascript if they've got it.
So where do I store the HTML for the form if I don't want to have it in two places?
(Normally I'm not so picky, but I'm curious on this one.)
If you have access to a server-side language, you can keep a separate snippet of the form in an external page. Then, you can include the snippet into the HTML content page with an appropriate include call. This has the added benefit that, for your JavaScript, you can pull the contact form from this snippet file using AJAX. In fact, many plugins allow you to display DHTML windows with HTML content. For example, check out ThickBox.
Without a server-side language, you can do something similar with frames. Just display the form snippet in a frame when you need to reference it. Personally, I don't like frames very much, so this isn't a very attractive solution for me, but you can use it if you choose (and style the frames appropriately).
Just put your HTML for the contact form in a .html file. Assuming you're using PHP or something, just include the file in your contact page and include it in the section for your dynamic contact form. The form should still submit to the same server-side page and have the same look and feel..
e.g. contactForm.html
<div class="contact-form">
<input ....>
</div>