Safari wrecked our forms!

A wreck on the rocks

One of our long-standing policies at Pro Epic is to host web forms separately from our websites. The main reason is to reduce the attack surface of our customer's sites. Many websites are hacked using exploits or weaknesses in their online forms. We eliminate that risk by hosting our forms on a different domain or sub-domain. That makes it impossible for an attacker to gain access to our customer's website by hacking the contact form, as an example.

 

The form system that we use supports multi-page forms as well as saving a form and coming back later to finish it. The form system sets a cookie in the user's browser to support those functions. The form is embedded in the website using a bit of javascript. The forms are responsive and adjust to the website size, colors, etc. To the user, the form appears to be part of the website.

 

That system has worked flawlessly for us for years, until last week anyway. Last week we were alerted by one of our customers that a page on their webpage was jumping and flashing and was unusable. When we investigated, we could not reproduce the problem. We were only able to reproduce the issue after upgrading our iPad to iPadOS version 13.3.1.

Continue reading
 358 Hits
 0 Comments