You're replying to a comment by thick.

thick Permalink
June 11, 2012, 09:05

It'd maybe be smart to clear the form before posting it back to your own server (if you're putting node behind a proxy with request logging). And for that matter, you could also append the submit button to the form via JS so that a user won't post it directly to your server if they happen to have JS turned off... After all, the point of everything Stripe's doing is to AVOID posting sensitive data to (potentially) insecure servers.

Reply To This Comment

(why do I need your e-mail?)

(Your twitter name, if you have one. (I'm @pkrumins, btw.))

Type the first letter of your name: (just to make sure you're a human)

Please preview the comment before submitting to make sure it's OK.