RSS FeedIE7 and the JavaScript Prompt
IE7 has shipped and its probably (by and large) a decent browser now. But of course it wouldn’t be Microsoft if they didn’t mess up something. First in what will probably be a long line of security related “features”, Microsoft have decided to modify the way that the good old JavaScript prompt works.
The reason? Phishing sites impersonating or even superimposing themselves on real web sites were using the prompt to lure gullible users into providing credit card numbers, passwords and all sorts of powerful data. So now whenever a web page wants to use a prompt you have to click on the unnoticeable security bar at the top of the browser and “allow” temporary access. To make matters worse the prompt presented is ugly and out of place.
I’m not saying that a prompt is the best way to ask the user for data, but given the whole Web 2.0 movement there are numerous occasions where the prompt is a useful and elegant solution to on-the-fly input. The worst part is that the unscrupulous underbelly of the internet will end up using a modal window or a clever floating div about 15 seconds after they realize their old technique doesn’t work and then who loses? Why, the web 2.0 programmer that thought a JavaScript prompt was a no-brainer in terms of cross-browser support.
Phishing works because people are stupid, making your browser idiot-proof is a surefire way to drive yourself crazy.
Score one for stupidity.
Tags: IE, javascript, stupid