Why is my hidden HTML form field showing up before submitted?

LouisChung
January 10, 2024
174 views
0 votes
2 Answers

I was trying to send a POST using HTML and it works fine.
The only concern I have is it shows the data before submission.
And I don’t want our user to see data showing on their browser, even if it’s only one second.
What do you think I should do to avoid this?

<form name="form1" id="form1" action="{{ $endpoint }}" method="post">
  <input type="hidden" name="data" value="{{ $data }}">
</form>
<script>
  document.getElementById('form1').submit();
</script>

I add a type="hidden", but it doesn’t help.

Answers

- JanBancerewicz
- January 10, 2024 at 12:01 am
- 0 votes
0
You can add the data to the session instead of sending a form:
```
    <?php
    session_start();
    $_SESSION['data']=$data;
    ?>
```
Then use
```
    if(isset($_SESSION['data']))
    {
    $data=$_SESSION['data'];
    echo"$data";
    }
```
This would require you to rename the file to .php extension, however your application will work server-side and users will not be able to see the data you are transfering.
Login or Signup to reply.

- SaeedMohteshami
- January 10, 2024 at 8:12 am
- 0 votes
0
Appends form-data into the URL in name/value pairs
The length of a URL is limited (about 3000 characters)
Never use GET to send sensitive data! (will be visible in the URL)
Useful for form submissions where a user wants to bookmark the result
GET is better for non-secure data, like query strings in Google
Notes on POST:

Appends form-data inside the body of the HTTP request (data is not shown in URL)
Has no size limitations
Form submissions with POST cannot be bookmarked

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.