WebApp Sec mailing list archives

Re: Growing Bad Practice with Login Forms


From: <athena () buyukada co uk>
Date: Wed, 28 Jul 2004 09:50:03 +0100 (BST)


A sidetrack, but this sounds like an effective silver bullet
solution--I'm not aware of an application or browser plugin that shows
the _effective_ source for any page, or perhaps lets you select areas
of a page and see all the scripting that pertains to it, but there must
be one, if this problem exists.
Of course, this still wouldn't help the average user, but it would
provide an extra level of defense to someone willing to do a bit of
extra work.

<MS Specific stuff>
Hmmm... You *could* use the shdocvw.dll interface in IE to do this kind of
stuff via onbeforenavigate2 (I think), but it'd only show up when you
click on a link. There is a class with some stuff that allows you to
extract all the links in an mshtmldocument, but I haven't tried it on
complex pages yet. If I get the chance does anyone know of some
particularly nasty javascript driven pages with dodgy links and nary a href
to be seen? Let me know and I'll give it a try, then try to post back this
afternoon with my results.</MS Specific stuff>

<Suitable for non-MS Browser users>
This post requires Internet Explorer 6 or above to be relevant. Anyone
know of an equivalent Moz/Safari interface that could be (ab)used?</Suitable for non-MS Browser users>

Steve


