written 6.2 years ago by
teamques10
★ 64k
|
• modified 2.2 years ago |
Subject: Advanced Internet Technology
Topic: Responsive web design with HTML5 and CSS3
Difficulty: High
|
written 6.1 years ago by
teamques10
★ 64k
|
A hidden field is used to pass along variables and values from one form to another, without forcing the user to re-enter the information. In addition, it is not displayed by the browser.
You can create a hidden field by using the INPUT element and setting its type attribute to hidden. The attribute of the INPUT elements that specifies the features of the hidden field are as follow:
Name: specifies a name of the hidden field
Value: Specifies the value that is to be displayed by default in the hidden field.
As mentioned above, hidden inputs can be used anywhere that you want to include data the user can't see or edit along with the form when it's submitted to the server. Let's look at some examples that illustrate its use.
1. Tracking edited content
One of the most common uses for hidden inputs is to keep track of what database record needs to be updated when an edit form is submitted. A typical workflow looks like this:
2.Improving website security
Hidden inputs are also used to store and submit security tokens or secrets, for the purposes of improving website security. The basic idea is that if a user is filling in a sensitive form, such as a form on their banking website to transfer some money to another account, the secret they would be provided with would prove that they are who they say they are, and that they are using the correct form to submit the transfer request.
This would stop a malicious user from creating a fake form, pretending to be a bank, and emailing the form to unsuspecting users to trick them into transferring money to the wrong place. This kind of attack is called a Cross Site Request Forgery (CSRF); pretty much any reputable server-side framework uses hidden secrets to prevent such attacks.
and 2 others joined a min ago.