Home/ Questions/Q 7697417
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T22:00:31+00:00

I have a confusion, i was going through a blog and in its comment

  • 0

I have a confusion, i was going through a blog and in its comment it was suggested that target=”_self” is vulnerable. It is true, if yes how we can fix it?

<form action="../process.php" method="post" name="login-form" target="_self">
    <div class="FormItem">Username:
      <span id="sprytextfield1">
      <input class="textbox" type="text" name="text1" id="text1">
      <span class="textfieldRequiredMsg">A value is required.</span></span>
      </div>

      <div class="clear"></div>

      <div class="FormItem">Password:
        <span id="sprypassword1">
        <input class="textbox" type="password" name="password" id="password1">
      <span class="passwordRequiredMsg">A value is required.</span></span>
      </div>

      <div class="FormItem">
      <input name="login-submit" type="submit" value="SUBMIT">
      </div>
    </form>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    it has nothing to do with security

    the last time i used target, it was just to tell the form where the results are to be displayed, be it in the page itself, an iframe, or another frame in a frameset. as far as i know, it’s pretty much useless.

    here’s a reference from sitepoint, indicating that “target” in forms are deprecated. (Hint: they died with Frameset)

    The target attribute is deprecated, and, like the use of frameset for layout purposes, it’s no longer widely used. However, if you do find yourself having to maintain a frameset-based web site, you may wish to present the results of a form submission in a separate frame. For example, you might work with a two-framed page that displays the search form in the first frame and the search results in the second frame, refreshing only the results frame each time the form is submitted.

    • 0