WebAIM - Web Accessibility In Mind

E-mail List Archives

Re: Opinions please

for

From: Kynn Bartlett
Date: Jul 12, 2002 10:07AM


At 12:14 PM -0400 7/12/02, John Foliot - bytown internet wrote:
>Their concern however is on server load - the form
>is part of a huge enterprise with potentially hundreds of thousands of
>"hits" daily. The question was then posed - could they use JavaScript as
>the primary means of form verification, with a server side redundant back-up
>for user agents which do not support client side scripting?

Yes, that's fine.

Note that for matters of pure security they will want to do server-side
checking ANYWAY because anyone can download a JavaScript and spoof a
valid response, thereby allowing non-validated data to be entered directly
into a system which does not do server-side verification. Please point
out to them that such a situation is a potential security hole.

--Kynn

--
Kynn Bartlett < <EMAIL REMOVED> > http://kynn.com
Chief Technologist, Idyll Mountain http://idyllmtn.com
Next Book: Teach Yourself CSS in 24 http://cssin24hours.com
Kynn on Web Accessibility ->> http://kynn.com/+sitepoint



---
To subscribe, unsubscribe, or view list archives,
visit http://www.webaim.org/discussion/


----
To subscribe, unsubscribe, or view list archives,
visit http://www.webaim.org/discussion/