topaz: (madblog)
Tim Pierce ([personal profile] topaz) wrote 2008-03-12 11:35 am

geeky help: let's play "find the automatic form submission method"

I have noticed recently on several news sites that loading a page makes my browser try to submit a form someplace.  I know this because my Firefox is configured to warn me whenever I submit a form that's not encrypted, and each time I load one of these pages I get a warning:
The information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.  Are you sure you want to continue sending this information?
I'm assuming that all of these sites are using some kind of AJAX toolkit that reports reading statistics back to the mothership, and while to some degree I don't care, the warnings and the sense of deception are making me cranky and I want to stop it.

This is the challenge to you geeks: can you figure out which code in the page is making this happen?  And can you tell me how you figured it out?  An example of a page which triggers this behavior for me:

http://blogs.usatoday.com/ondeadline/2008/03/latest-informat.html

(If that one expires just let me know and I'll find the other one.  Reuters.com has begun doing this to me nonstop.)

For my own part, I used "View JavaScript" in the Web Developer Firefox add-on and searched for "submit".  In addition to about eleventy-leven methods and variables including "submit" in their name, there are at least two that actually call the form.submit method, one of which is an "initialize" function in http://js.usatoday.com/_common/_scripts/_community/directapi/pork.iframe.js.  So I think that's the likely culprit but I'm not confident enough of my JavaScript to go all Hercule Poirot on its ass.

If I can identify the method that's making this happen I'll see if I can figure out how to kill it with Greasemonkey.  If some of you web hotshots can help me figure out what's happening I would love to learn from your madness.
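
One way to find the caller, as an added example that is not part of the original post or its comments: wrap the form prototype's `submit` method so each scripted submission records its target and the call stack that triggered it, and optionally drop submissions to plain-HTTP targets. The names `traceSubmits`, `blockInsecure` and `demo`, the stand-in form and the URL are all constructed for this illustration.

```javascript
// Scripted form.submit() calls do not fire the "submit" event, so an event
// listener never sees them; wrapping the method itself does.
function traceSubmits(formProto, options = {}) {
  const records = [];
  const original = formProto.submit;
  formProto.submit = function tracedSubmit(...args) {
    const action = String(this.action || "");
    const record = {
      action,
      method: String(this.method || "get").toLowerCase(),
      insecure: /^http:/i.test(action), // same condition the browser warning fires on
      // Keep only caller frames: drop the "Error" header and this wrapper's frame.
      stack: new Error().stack
        .split("\n")
        .map((line) => line.trim())
        .filter((l) => l && l !== "Error" && !l.includes("tracedSubmit")),
      blocked: false,
    };
    record.blocked = Boolean(options.blockInsecure && record.insecure);
    records.push(record);
    if (record.blocked) return undefined; // swallow the submission
    return original.apply(this, args);
  };
  return records;
}

// Constructed stand-in for a page, so the example runs under Node without a
// DOM: a fake form prototype and a page script whose initialize() auto-submits.
function demo() {
  const sent = [];
  const fakeFormProto = { submit() { sent.push(this.action); } };
  const form = Object.create(fakeFormProto);
  form.action = "http://stats.example.invalid/collect"; // constructed URL
  form.method = "POST";
  const records = traceSubmits(fakeFormProto, { blockInsecure: true });
  function initialize() { form.submit(); } // plays the page's auto-submit code
  initialize();
  return { records, sent };
}

// The first stack entry names the function and file that called submit().
console.log(JSON.stringify(demo().records, null, 2));
```

In a browser the first argument would be `HTMLFormElement.prototype`, and the hook has to be installed on the page's own prototype before the site's scripts run.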

[identity profile] trom.livejournal.com 2008-03-12 03:43 pm (UTC)(link)
In webdeveloper, use Forms->Display Form Details. In this case, look at the bottom of the usatoday.com page and you'll see a jsonRequest which is what I think you're seeing, since that's an ajaxy thing that folks use for autosubmits.

[identity profile] points.livejournal.com 2008-03-12 03:46 pm (UTC)(link)
If it is AJAX, it will likely be using a variant of XMLHttpRequest, or a library or other variant. Look for included javascript - I'm not sure if the WebDevel plugin 'digs' into javascript that's been included as another page/file.

I use Firebug for all my down and dirty JS devel needs on Firefox.

Losing Battle

[identity profile] faulkner.myopenid.com (from livejournal.com) 2008-03-12 05:57 pm (UTC)(link)
The way I see it you need to either disable Javascript entirely, or live with the fact that sites will use it to collect information about you. You only noticed this case because they use a POST. They could just as easily use a GET and encode information about you in the URL (and I'm sure some sites do).

[identity profile] sandhawke.livejournal.com 2008-03-12 06:19 pm (UTC)(link)
I'll note that ajax toolkits often use POST when they probably should use GET (for reasons which are not clear to me - perhaps bug workarounds?).

So the form POST might just be an ajax query for more news items, etc.

[identity profile] docstrange.livejournal.com 2008-03-12 06:37 pm (UTC)(link)
You can always fall back to tools like Paros and Priamos to proxy your own connection and detail view each back-n-forth transaction to figure out precisely what's going on...