This page allows you to test your web forms for all sorts of input. Normally, your browser will restrict what data you can enter in the form. For instance, one-line text fields cannot contain more than one line, and some fields are hidden and can thus not be changed. However, publically accessible forms will eventually be picked up by automated programs that scan the Internet for vulnerable forms. They send the form's data directly to your web site script and therefore have no restrictions on what can be entered in the form, thus for instance being able to change hidden form values and bypassing the one-line-per-field restriction a normal browser would impose on form data. It can thus be vital to test your form for all sorts of (invalid) input. You can use this test form to remove some restrictions in your web forms so you can manually check your forms for all sorts of (invalid) input.
A notorious and more sinister example of what unsecure web forms are capable of is that they can be hi-jacked by spam robots. If your web form sends out e-mails via your web server (like most contact forms do; they convert the text the user entered into an e-mail addressed to you), it can be vulnearble to spam relay activity. When a spam robot scans your web form and discovers it's vulnerability, your web server will likely transform into a spam sending machine thus sending spam out in your name. This might even get your e-mail address or web domain black-listed as a result. More background information about this threat can be read on our spam robot page.
This test form will load your own form, make a copy of it, modify the fields according to the settings you specify, and shows you the modified form in a new window. You can then test your form submission script for all sorts of (invalid) input. The modified form will probably be fully functional; if not, please contact us with details on what is not functional in your case.
There are several options you can specify for modifying your form. These are: