Look at this article as a "how-to" for testing your forms for a specific vulnerability, hijacking by inserting certain information into the header of email your form processing software sends out.
Once in a while we receive reports from web site owners that a visitor had to re-fill in all fields after submitting a form and then clicking the "back" button to correct information. All the fields go blank.
The primary function of a textarea field is to accept input from a form user for the form processing script to do stuff with. You see their use in feedback forms, for example.
You go to a web page without a form or prompt indicating it might double as a secret access to another web page. You go ahead and type a certain sequence of characters on your keyboard. If you get it right, you are redirected to a secret web page.
How many old, unused (or under-used) CGI scripts do you have lingering on your server, taking up space? You may not be as guilty of abandoning CGI software in lieu of newer versions as we are (we've been creating, and testing software on the same server for 8 years) but odds are you've got a few dusty, unused scripts lurking about.
Although I've written several articles that included examples of positioning, such as "Instant Info" and the "No-Kill Pop Box" series, it occurred to me that I've never written an article about how to do the positioning itself.
Something I've noticed since I started using non-IE browsers is that download instructions are provided, they're almost always specifically for the IE browser on Windows operating systems (right-click on the link then select "Save Target As..."). What about Firefox? Opera? Macintosh browsers?