Because Web 1.0 was the age of security
-
I was looking for a Dilbert plush doll for my desk and I found a site with a Dilbert, a PHB, and a "Catbert" (I'm assuming misspelled Dogbert by the looks of it) and grabbed my credit card. The site looked a bit old, and a bit amateurish, but I really wanted my toys! I took one look at the page, quickly skimmed the source, and got the hell out of there.
The Items: [url]http://www.dogcollector.com/vintagestuffed1.htm[/url]
The Order Form: [url]http://www.maiasaura.com/orderform.htm[/url]
-
Use this form to send us your contact information and credit card information SECURELY.
+
<FORM ACTION="http://www.dogcollector.com/cgi-bin/dogcollectorMailForm.pl" METHOD="POST">
= WTF?
-
-
[quote user="bobday"]
[/quote]True enough, but the pictured doll is Dogbert and labelled Catbert.
-
<input type=hidden name="recipient" value="maiasaura@dogcollector.com">
-
[quote user="j_pilborough"]
Use this form to send us your contact information and credit card information SECURELY.
+
<FORM ACTION="http://www.dogcollector.com/cgi-bin/dogcollectorMailForm.pl" METHOD="POST">
= WTF?[/quote]Truth by repeated assertion.
-
[quote user="j_pilborough"]
Use this form to send us your contact information and credit card information SECURELY.
+
<FORM ACTION="http://www.dogcollector.com/cgi-bin/dogcollectorMailForm.pl" METHOD="POST">
= WTF?
[/quote]I'd think is even more of a WTF...
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
Heck, that's less WTF, more "Idiot deserves to have his site hacked to hell and back".
-
-
Ha! Has anyone tried to submit the form with bogus data? It doesn't even work!
-
[quote user="The Last TMNT"]Ha! Has anyone tried to submit the form with bogus data? It doesn't even work!
[/quote]Sure it worked, I got this page:
http://www.dogcollector.com/orderconfirmation.htm
I liked this part:
<font face="Verdana">
Pay SECURELY by credit card using ProPay! click here, and we will send you a ProPay Invoice. It's FREE, secure and you don't have to be a ProPay member to pay us!
YES! Send me a ProPay Invoice!
I will provide my credit card info via ProPay <font color="#000000">
<input maxlength="1" name="propay_checkbox" size="1" type="text" /></font><font color="#4d725c">
</font>
<font color="#000000">Otherwise: Please tell us your credit card information ( if you are paying by VISA/MC). See
our CHECK OUT page for other payment
options.</font></font>So I can either pay securely, or I can just enter my card number. It actually tells me in a roundabout way that entering my credit card number here isn't secure! But wow, they really make the user read between the lines, no?
This site looks a lot like something I did for a web course assignment when I was in college -- perhaps this is just someone's homework? Although it's strange that it has a real url.
-
I suppose the Paypal option is the only chance of having a truly secure order sent to them. God only knows what their card processor, Propay, does behind the scenes.
(Oddly enough, I have the same Husky plush in my closet from years ago...)
-
That's closer to web 0.9a security.
