magento / community-features

Magento Features Development is an Initiative to Allow Community Members to Join the Development of Magento Features

Prevent potential misuse of the "email to a friend" feature #80

Open densen45 opened 6 years ago

densen45 commented 6 years ago

Description

I would like to point out the potential misuse of the "email to a friend" feature (customers are able to share product links with friends).

The store owner can configure that only logged-in users are able to use this feature and something with "Limit sending by: IP Address" (don't know what this does) -- quite well so far. The catch is, one can change the name and the email address of the sender in the form to arbitrary values. In my opinion, that leads to a potential misuse of this feature because one (stalkers etc.) can use this to easily write anonymous messages to their victims.

For sure, registering with an anonymous email and a fake name is always possible but at least these can be identified by the store owner.

Expected behavior

One cannot change the name and the email address of the sender in the "email to a friend" form.

Benefits

  1. I'm well aware that the misuse cannot be completely prevented in this way. At least it becomes more difficult to misuse this function.
  2. Store owners at least have a chance to identify the malicious users.
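
The expected behavior requested in this issue, sketched as an added example that is not part of the original post and not Magento's own code: the sender name and address are taken from the logged-in customer's session, submitted sender fields are ignored, and an audit record notes any attempt to override them. The function name, session keys, and form field names are assumptions made for illustration, and the sample input is constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical handler: function name, session keys and form field names
// are assumptions for illustration, not Magento's SendFriend API.
function buildSendFriendMessage(array $session, array $post, string $remoteIp): array
{
    if (empty($session['customer_id'])) {
        throw new RuntimeException('Login required for email to a friend.');
    }
    $recipient = filter_var($post['recipient_email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($recipient === false) {
        throw new InvalidArgumentException('Invalid recipient address.');
    }

    // Sender identity is read from the account, never from the form.
    $sender = [
        'sender_name'  => (string) $session['customer_name'],
        'sender_email' => (string) $session['customer_email'],
    ];

    // Note any submitted sender value that differs from the account.
    $override = false;
    foreach ($sender as $field => $expected) {
        $given = $post[$field] ?? null;
        if ($given !== null && (!is_string($given) || strcasecmp(trim($given), $expected) !== 0)) {
            $override = true;
        }
    }

    return [
        'from_name'  => $sender['sender_name'],
        'from_email' => $sender['sender_email'],
        'to_email'   => $recipient,
        'body'       => is_string($post['message'] ?? null) ? $post['message'] : '',
        // Audit record that lets the store owner tie a message to an account.
        'audit' => [
            'customer_id'             => $session['customer_id'],
            'remote_ip'               => $remoteIp,
            'sender_override_attempt' => $override,
        ],
    ];
}

// Constructed sample input: the form claims a different sender.
$session = ['customer_id' => 1001, 'customer_name' => 'Alice Example', 'customer_email' => 'alice@example.com'];
$post = ['sender_name' => 'Someone Else', 'sender_email' => 'other@example.org',
         'recipient_email' => 'friend@example.net', 'message' => 'Have a look at this product.'];
echo json_encode(buildSendFriendMessage($session, $post, '203.0.113.7'), JSON_PRETTY_PRINT), PHP_EOL;
```

With the sample input the returned message carries the account's name and address as sender, and `sender_override_attempt` is `true`, which gives the store owner a signal to review.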