HTML and CSS Reference
9.4.1. Problems with Email Forms
If you choose to use either mailto or a form-to-email facility, there are
several problems you may have to deal with:
• Your forms won't work on browsers that don't support a mailto
URL as a form action. All of the currently popular browsers do
support mailto forms.
• Some browsers, including some early versions (pre-version 5) of
Internet Explorer, do not properly place the form data into the
email message body and may even open an email dialog box,
confusing the user.
• A mailto URL doesn't present users with a confirmation page to
assure them that their forms have been processed. After execut-
ing the mailto form, the user is left looking at the form, as though
nothing had happened. (As we did in the preceding example, use
onClick event handler.)
• Your data may arrive in a form that is difficult, if not impossible,
to read, unless you use a readable enctype , such as text/plain.
• Most importantly , you lose whatever security protections the
server may have provided with the form.
The last problem deserves additional explanation. Some web providers
support secure web servers that attach an encryption key to your web
page when sent to the user's browser. The popular browsers use that
key to encrypt any data your document may send back to that same
server, including the user's form data. Because only the client's browser
and the server know the key, only that server is able to decipher the in-
formation coming back to it from the client browser, effectively securing
the information from nefarious eavesdroppers and hackers.
However, if you use email to retrieve the form data, the server decrypts
it before packaging the form information into the body of an email