Many webpages include one or more web forms that commonly have fields to collect information from users to transmit to a server for processing. Common examples of web forms include payment forms, registration forms, shipping forms, etc. These web forms are commonly the target of bots and other malicious software. For example, a malicious webpage crawler may load a website and programmatically find form fields and using that information, construct malicious requests directed to the server delivering the web page (e.g., the origin server). In addition, keyloggers (hardware or software that captures keystrokes), local network-sniffing malware, and/or browser-based malware may intercept/sniff requests in an attempt to understand the Application Programming Interfaces (APIs) used by the website for directed attacks.
The HTML of the web form may include one or more HTML attributes (sometimes referred herein as form attributes). An attribute typically takes the format of a name/value pair such as “name=‘value’” where the “name” portion identifies the name of the attribute and the “value” portion sets the attribute to the provided value.