All the browsers by default remember information that the user submits through fields on websites. It enables the browser to offer auto-completion. This feature is usually enabled by default, but it can be a privacy concern for users, so browsers can let users disable them. But it is essential to know that if you want to create a website where you are getting information about the user’s name, age, and email_id, etc that is by the browsers by default. If you disable the autocomplete in your site then you are breaking the rules. It is illegal to set autocomplete=”off”. The autocomplete is set to off maybe secure for the user but it is against the rules.
But for the testing and knowledge to disable auto-completion in forms, you can set the autocomplete attribute to “off”:
Setting autocomplete=”off” on fields has two effects:
- It tells the browser not to save data inputted by the user for later autocompletion on similar forms, though heuristics for complying vary by browser.
- It stops the browser from caching form data in the session history. When form data is cached in the session history, the information filled in by the user is shown in the case where the user has submitted the form and clicked the Back button to go back to the original form page.
Example: This example illustrates the above approach.
Note: In addition to autocomplete=”off”, you could also have your form field names be randomized by the code that generates the page, perhaps by adding some session-specific string to the end of the names.