html forms

[Rebekha Ljoekelsoey]

Can I ask for clarification regarding hidden elements in forms and the use
of the mailto:

I have recently been told that the inclusion of the mailto: will render the
form inoperative
<input type="hidden" name="recipient" value="mailto:[email protected]">

Mailto: in the hidden field shouldn't be there are it makes the form
inoperable. Mailto: should only be used in a normal email link.

Your comments would be warmly appreciated

 

[Benjamin Niemann]

Can I ask for clarification regarding hidden elements in forms and the use
of the mailto:

I have recently been told that the inclusion of the mailto: will render
the form inoperative
<input type="hidden" name="recipient" value="mailto:[email protected]">

Mailto: in the hidden field shouldn't be there are it makes the form
inoperable. Mailto: should only be used in a normal email link.

Your comments would be warmly appreciated

Never heard of a problem with such values. From the browsers point of view
it is just some text that is to be sent to the server along with the other
values from visible or hidden controls.

Using 'mailto:...' for the ACTION attribute of the FORM element does often
not work as intended, because it requires fully configured mail setup on
the visitors computer - something that is not available, if the user uses
webmail or no mail at all.

And 'mailto:...' may not work in A HREF for the same reason.

 

[Rebekha Ljoekelsoey]

Never heard of a problem with such values. From the browsers point of view
it is just some text that is to be sent to the server along with the other
values from visible or hidden controls.

Using 'mailto:...' for the ACTION attribute of the FORM element does often
not work as intended, because it requires fully configured mail setup on
the visitors computer - something that is not available, if the user uses
webmail or no mail at all.

And 'mailto:...' may not work in A HREF for the same reason.

many thanks for the answer, I am having terrible problems with an examining
board who insist that the form will NOT work with the mailto included

Rebekha

 

[Benjamin Niemann]

many thanks for the answer, I am having terrible problems with an
examining board who insist that the form will NOT work with the mailto
included

Having a second thought on it...
Something that may or may not work with the 'mailto:' is the server-side
script that recieves the form data. But this is an implementation detail of
this specific piece of software and you should consult the documentation
about what values the script expects.

 

[Alan J. Flavell]

Can I ask for clarification regarding hidden elements in forms and
the use of the mailto:

I have recently been told that the inclusion of the mailto: will
render the form inoperative

<input type="hidden" name="recipient" value="mailto:[email protected]">

Mailto: in the hidden field shouldn't be there are [as?]
it makes the form inoperable.

^^^^^^^^^^^^^^^^^^^^^^^^^

That is obviously meaningless in the terms in which it is stated.
"The form" will do nothing more nor less than submit an appropriate
character-string value to the server. What then happens, depends on
the server-side script, which is not in evidence here.

Mailto: should only be used in a normal email link.

There isn't any "link" in evidence here - only a "form control" (to
use the language of the HTML4 spec). Its value is just a string of
characters - with no particular meaning until the server-side script
does something with them, and thereby assigns them meaning.

Maybe they're trying to tell you that the server-side script cannot
process this value in its terms? We really have no idea.

Your comments would be warmly appreciated

Then again, maybe your critic is confusing it with:

<form ... action="mailto:...">

which is surely not a good idea. Or maybe you are?

By the way, it would be CRAZY to allow a script to accept an email
address from an unidentified web user, and then send a mail to that
address: that's called a "spam relay", and will cause severe
headaches as soon as the usual suspects find it.

 

[Rebekha Ljoekelsoey]

Can I ask for clarification regarding hidden elements in forms and
the use of the mailto:

I have recently been told that the inclusion of the mailto: will
render the form inoperative

<input type="hidden" name="recipient" value="mailto:[email protected]">

Mailto: in the hidden field shouldn't be there are [as?]
it makes the form inoperable.

^^^^^^^^^^^^^^^^^^^^^^^^^

That is obviously meaningless in the terms in which it is stated.
"The form" will do nothing more nor less than submit an appropriate
character-string value to the server. What then happens, depends on
the server-side script, which is not in evidence here.

Mailto: should only be used in a normal email link.

There isn't any "link" in evidence here - only a "form control" (to
use the language of the HTML4 spec). Its value is just a string of
characters - with no particular meaning until the server-side script
does something with them, and thereby assigns them meaning.

Maybe they're trying to tell you that the server-side script cannot
process this value in its terms? We really have no idea.

Your comments would be warmly appreciated

Then again, maybe your critic is confusing it with:

<form ... action="mailto:...">

which is surely not a good idea. Or maybe you are?

By the way, it would be CRAZY to allow a script to accept an email
address from an unidentified web user, and then send a mail to that
address: that's called a "spam relay", and will cause severe
headaches as soon as the usual suspects find it.

Thanks for this The Examining Board are insisting that the inclusion of
mailto: in the hidden section
<input type="hidden" name="recipient" value="mailto:[email protected]">
of the form will render it inoperable and who are we to argue with the
Oxford and Cambridge Examining Board

Manny thanks for all your help

Rebekha Magne Ljoekelsoey

 

[Steve Pugh]

Can I ask for clarification regarding hidden elements in forms and the use
of the mailto:

Normally the answer is don't use mailto in forms because normally
people are trying to do something stupid like <form
action="mailto:[email protected]">

I have recently been told that the inclusion of the mailto: will render the
form inoperative
<input type="hidden" name="recipient" value="mailto:[email protected]">

It might, it might not. The above is perfectly fine HTML. What it does
as part of a form submission is outside the realms of HTML.

Mailto: in the hidden field shouldn't be there are it makes the form
inoperable.

That depends entirely on the script that handles the submitted form
data. If the script is expecting an e-mail address then including
mailto: will screw things up. Of course of the script is expecting an
e-mail address and will just send the form submission to that e-mail
address then you have other problems...

Mailto: should only be used in a normal email link.

And only then with care.

Your comments would be warmly appreciated

What's the big picture?

Steve

 

[Rebekha Ljoekelsoey]

Normally the answer is don't use mailto in forms because normally
people are trying to do something stupid like <form
action="mailto:[email protected]">


It might, it might not. The above is perfectly fine HTML. What it does
as part of a form submission is outside the realms of HTML.


That depends entirely on the script that handles the submitted form
data. If the script is expecting an e-mail address then including
mailto: will screw things up. Of course of the script is expecting an
e-mail address and will just send the form submission to that e-mail
address then you have other problems...


And only then with care.


What's the big picture?

Steve
--
"My theories appal you, my heresies outrage you,
I never answer letters and you don't like my tie." - The Doctor

Steve Pugh <[email protected]> <http://steve.pugh.net/>

Big picture. I recently had several candidates enter an examination and they
all failed for including the mailto: in the hidden element of an html
interactive form. The examining body said that this action resulted in
making the form inoperative, now I know and you know that this is not true
as all the mailto: in a hidden element produces is a copy of the forms
content to be sent to the recipient along with the webmail thingy.
Very frustrating, but who can argue with OCR

RML

 

[Steve Pugh]

Big picture. I recently had several candidates enter an examination and they
all failed for including the mailto: in the hidden element of an html
interactive form.

Why did they do so? Were they used to working with a form that
required such a construction (which is odd)? Did the exam question
give any information about why any hidden field would be needed at
all?

The examining body said that this action resulted in
making the form inoperative,

Which it might, as I explained above. (Assuming that 'inoperative'
means that the form submission will not be processed properly. There's
nothing about this construction, odd though it may be, that will stop
the form being submited, it just might all go wrong after that...)

now I know and you know that this is not true

I know no such thing. As I haven't see the script on the server
handling the submission of the form (have you?) then I can't say
whether it can cope with this particular value in the submission.

as all the mailto: in a hidden element produces is a copy of the forms
content to be sent to the recipient

That doesn't sound at all likely. If the contents of the form
submssion are to be mailed to the address specified in a hidden form
field then that hidden form field should contain just an address. Not
an address preceeded by the characters mailto:.

The script handling the form submission may be able to handle it with
the extra characters as well, but why should it?

And as I implied earlier, any form-to-email system that relies on the
recipient being given in a hidden field is badly coded in the first
place. Does the script on the server check to see whether anyone has
tampered with the data and substituted a different address there? Does
it allow mailing to any domain? In other words is this is a gift horse
to spammers?

along with the webmail thingy.

Now you've totally lost me.

Very frustrating, but who can argue with OCR

Um, you can if you want to. But without seeing the syllabus, course
notes, the exam in question and your students' complete answers I
can't really say whether you'd be arguing from a correct or incorrect
position.

Steve

 

[Rebekha Ljoekelsoey]

Thanks for your considerable help
">

 

[Toby Inkster]

many thanks for the answer, I am having terrible problems with an examining
board who insist that the form will NOT work with the mailto included

The form will work. The server-side script may or may not be able to
handle the input -- but without seeing the documentation, or source code
for the server side script, this is impossible to judge.

If OCR didn't provide source code or documentation for this particular
script, either in the exam or syllabus, then the question is unanswerable.

I'd be happy to write to them with a message to that effect if you like.
Just e-mail me. ("From" address on this message will be valid until the
end of April.)

 

[Rebekha Ljoekelsoey]

Thank you for all your help, it has been very much appreciated