Safari auto-fill considered harmful

Published on:

The buggy form auto-fill feature in Safari has put me in trouble in the past as I reported already. But here is another nasty strike that just happened while I was adding a comment on this site:

safariautofill.gif

As you can see, had I not seen the pre-filled URL, I would have spammed my own weblog! It's a chance I caught it before submitting the form, as normally this information is pre-filled using a cookie. I guess that Safari decided that the URL field had to be filled with the information of the last comment-spam I had deleted before.

If you are using the auto-fill feature in Safari, you'd better double check what it decides to fill in itself!

Update: in the AutoFill Web Forms preferences, I unchecked Other Forms to prevent Safari from filling out anything but personal info and authentication forms. It didn't prevent Safari from continuing to autofill "other forms" as usual (like when I delete a comment spam on MT). I really don't like that.