The Form Tag
Fill-out forms begin with <form> and end with </form>. The FORM tag has two required attributes, METHOD and ACTION, and one optional attribute, ENCTYPE.
Most fill-out forms use a FORM tag in this format:
<form method="post" action="http://www.utexas.edu/teamweb/cgi-bin/generic.cgi">
Various form elements
The ACTION Attribute
The ACTION attribute of the form tag specifies the URL of the application which processes the web form.
Generally, the URL of the ACTION attribute is the location of a cgi script.
The examples in these pages currently do not point to a script and do not produce any action.
The METHOD Attribute
There are two possible values for the METHOD attribute of the FORM tag:
- In a form using the POST method, when the submit button is clicked, the web browser contacts the server on which the form-processing script is located then sends all of the data from the form to the script.
- There is no size limit to the amount of data the server can pass to a script using POST.
- In a form using the GET method, when the submit button is clicked, the web browser appends all of the data from the form to the end of the URL specified in the ACTION attribute then contacts the web server with the extended URL.
- The amount of data which can be passed to a script using the GET method is limited to the length of URL which the server and browser can both handle.
- There is an increased security risk when using the GET method for transferring sensitive data with a web form, since the extended URL created with the GET method is transferred to the web server in an insecure manner even when using a secure web server.
- When using the GET method on web forms which use scripts on the ITS web servers, you must include the hidden fields which specify the user and the script. The CGI page contains more information about this issue.
TeamWeb recommends using method="post" since it is more secure and does not limit the amount of data which can be gathered by the web form.
The ENCTYPE Attribute
The ENCTYPE attribute is specified when writing a web form which uses a mailto: URL for the ACTION attribute, which is supported by versions 3 or higher of Netscape Navigator and versions 4 or higher of Internet Explorer.
When using a mailto: URL as the form's ACTION, the tags will look like:
<form method="post" action="mailto:firstname.lastname@example.org"
Various form elements