For the most part, the HIDDEN tag is used so that you can pass administrative data. As such, it takes a NAME and a VALUE attribute.
For example, consider the following hidden field...
<FORM> <INPUT TYPE = "HIDDEN" NAME = "admin" VALUE = "selena"> <INPUT TYPE = "HIDDEN" NAME = "form_version" VALUE = "2.1"> </FORM>
In this case, the browser would simply tag on the following name/value pair in the HTTP message body:
Since the user is not concerned with this administrative data, it is hidden from them. However, you can pass as much data as you want using this input method
Regardless, we will talk a lot more about hidden fields tomorrow when we discuss "state maintenance" in more detail.
It is important to note that a crafty user could view the source of your form, copy it to their own web server, change the values of the hidden fields, and submit the faulty data to your server. So you cannot assume that hidden data is totally secure.
|Previous | Next | Table of Contents|