
> There is no way, even in theory, of determining what was visible on screen.

There is - both in theory and in practice. Otherwise you'd get text drawn over other elements instead of scrollbars when you write too much text inside the edit box.



Doesn't the edit box's display logic run in the browser? If you get a POST request from me, how do you know I sent it through visiting your web page instead of from curl?


In general, you don't. A common method to ensure it comes from a web page is Cross Site Request Forgery (CSRF) protection, which you'll probably want to look up if you're interested. In short, it uses a hidden form field sent with the data, and usually duplicated in a cookie. When you submit the form, the hidden field data and the cookie data are compared; if they match, it can be assumed you posted via the web page.

Sorry if that's not what you were asking, and note there are lots of different ways to do this; that's just one example.
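
The hidden-field-plus-cookie comparison described in the comment above, as an added example that is not part of the original thread. The cookie and field name `csrf_token`, the `/comment` route and all function names are assumptions made for illustration.

```python
import hmac
import secrets

# Illustrative names only: "csrf_token" and "/comment" are assumed, not from the thread.


def issue_csrf_token() -> str:
    """Random token the server sets as a cookie AND embeds in the hidden form field."""
    return secrets.token_urlsafe(32)


def render_form(token: str) -> tuple[dict, str]:
    """Return (cookies to set, HTML) for the page that holds the edit box."""
    cookies = {"csrf_token": token}
    html = (
        '<form method="post" action="/comment">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<textarea name="text"></textarea></form>'
    )
    return cookies, html


def is_post_allowed(cookies: dict, form: dict) -> bool:
    """Double-submit check: the hidden field must equal the cookie."""
    cookie_val = cookies.get("csrf_token", "")
    field_val = form.get("csrf_token", "")
    if not cookie_val or not field_val:
        return False  # an absent or empty value must never count as a match
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(cookie_val.encode(), field_val.encode())


def demo() -> dict:
    """Run the check over constructed requests and return each verdict."""
    cookies, _html = render_form(issue_csrf_token())
    token = cookies["csrf_token"]
    return {
        "form_post": is_post_allowed(cookies, {"csrf_token": token, "text": "hi"}),
        "no_field": is_post_allowed(cookies, {"text": "hi"}),
        "wrong_field": is_post_allowed(cookies, {"csrf_token": "guess", "text": "hi"}),
        "no_cookie": is_post_allowed({}, {"csrf_token": token}),
        "both_empty": is_post_allowed({"csrf_token": ""}, {"csrf_token": ""}),
    }


if __name__ == "__main__":
    print(demo())
```

Any client that first requests the form receives both values, so the check rejects a POST forged from another site rather than identifying which program sent the request.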



