I was learning forms in HTML and had a set of javascript code that is needed(I think) to make the GET method work. I copied the javascript code and the error I got is the Template literal turns into string for some reason.
For the input tags to be functional, I think. Iâm not fully aware of the concept of that code because I had learned javascript for like a month then switched to HTML two weeks ago, so my knowledge is pretty vague. I copied it because the dude told me to.
I know this is an example from some tutorial, but in the real world please donât ever send passwords in a GET request. Intermediate proxies are allowed to cache GET requests, and you really donât want that!
A real-world case about why maintaining security standards is vital, even when dealing with example code, is from recent zero-day attacks involving NGINX. They made the mistake of publishing a âLDAP Reference Implementationâ that lacked suitable security precautions, and later on stated that you shouldnât ever use that reference implementation in the real world when people were using that.
Things like that help to reinforce for me that the âtyranny of the defaultâ means that people use it as-is without much if any modification. Proper standards need to be maintained throughout to help deal with that.
The closing </form> tag is right after the <form ...>, so, none of the form fields, nor the submit button, are within the form.
For a form field to include its data when the form is normally submitted, it must have a name='...' attribute. Only the ânameâ field, has one. The âpasswordâ field does not.
Each field should have a valid type='...' attribute. The ânameâ field does not have any, but the default is type=âtextâ. The âpasswordâ field has an invalid type attribute, so, its type is also text.
The current default type=ââŚâ attribute for a <button... > is type=âsubmitâ, but this has changed over time and some clients may not follow this standard. You should always specify type='submit' in the button tag when using it as the submit button for a form.
<label>...</label> tags either need to be tied to the field through an id, or more simply just put the them around the field they belong with.
Unfortunately, these type (no programming pun intended) of mistakes occur when you are just repeating things you have seen, without actually learning the meaning/requirements of what you are doing. You are left without the necessary knowledge to find and fix problems when they donât work, nor can you write original code based on what you have seen and cannot accurately recall. Writing code requires that you learn and internalize the meaning of the keywords and syntax, so that when you write or read it you can recognize when it is right or wrong, rather than relying on some past memory of what you think it should look like.