Archived copy of A Swedish wolf in Norway

My girlfriend tried to log in to Nordea yesterday to pay a bill, but kept getting weird error messages about the URL “submit” not being found. I found this weird, since logging in to the same bank had worked fine just a couple of days earlier, when the machine was running Opera 8.54.

After a quick look at the source code I found the culprit:

In HTML 4.01, to indicate that a button is the submit button you can use the type attribute, either type="submit" (for a regular button) or type="image" (for an image button), on the <input> element. However, the web-duh-signer for Nordea's Internet bank had used the illegal attribute action="submit" on the element. For a HTML 4 browser this does not cause any problems, since the attribute would just get ignored.

Enter Web Forms 2. The specification adds support for the action attribute on input elements, to allow for forms data to be submitted to different locations depending on which button you select. A very useful addition if used correctly, but in this case a very devastating option since it means that the incorrectly coded submit button would take you to a non-existant URL.

This is a good example of why you should take time to validate your documents. While the page might work fine for you, you just might have used an invalid attribute that can cause problems in the future.

Update: I e-mailed Nordea about the problem and got a prompt reply stating that they are aware of it, and will fix it after the summer holidays. Thumbs up to Nordea for the fast and friendly reply!