<form>s inside books

[GoogleCodeExporter]

I've seen a book come through that (accidentally) had an embedded <form>
element.

On the one hand I can see some value in this, I guess, for digital
textbooks that might allow the reader to answer a question and validate it
externally.

On the other than it's a big phishing invite.  "ENTER YOUR BOOKWORM
PASSWORD HERE."  Especially if someone took the trouble to mock up the HTML
to match the Bookworm layout.

Should we kill <form> the way we already do with <script>?  

Potentially later it could be allowable on a per-book /
signed-by-a-publisher basis.

Original issue reported on code.google.com by liza31337@gmail.com on 20 Feb 2009 at 9:07

[GoogleCodeExporter]

It'd be nice if the implementation didn't prevent ever handling <form>s, but I'd
strip these for the time being.

Original comment by abdela...@gmail.com on 23 Feb 2009 at 3:49

[GoogleCodeExporter]

Original comment by liza31337@gmail.com on 23 Feb 2009 at 7:57

• Changed state: Accepted