E-mail List Archives

Search E-mail List Archives for

Number of posts in this thread: 1 (In chronological order)

From: Paola Colitto
Date: Fri, Jul 12 2002 10:57AM
Subject: PLEASE UNSUBSCRIBE
No previous message | No next message

-----Original Message-----
From: WebAIM forum [mailto: = EMAIL ADDRESS REMOVED = ]On Behalf Of
Kynn Bartlett
Sent: Friday, July 12, 2002 1:00 PM
To: WebAIM forum
Subject: Re: Opinions please


At 12:14 PM -0400 7/12/02, John Foliot - bytown internet wrote:
>Their concern however is on server load - the form
>is part of a huge enterprise with potentially hundreds of thousands of
>"hits" daily. The question was then posed - could they use JavaScript as
>the primary means of form verification, with a server side redundant back-up
>for user agents which do not support client side scripting?

Yes, that's fine.

Note that for matters of pure security they will want to do server-side
checking ANYWAY because anyone can download a JavaScript and spoof a
valid response, thereby allowing non-validated data to be entered directly
into a system which does not do server-side verification. Please point
out to them that such a situation is a potential security hole.

--Kynn

--
Kynn Bartlett < = EMAIL ADDRESS REMOVED = > http://kynn.com
Chief Technologist, Idyll Mountain http://idyllmtn.com
Next Book: Teach Yourself CSS in 24 http://cssin24hours.com
Kynn on Web Accessibility ->> http://kynn.com/+sitepoint



---
To subscribe, unsubscribe, or view list archives,
visit http://www.webaim.org/discussion/


----
To subscribe, unsubscribe, or view list archives,
visit http://www.webaim.org/discussion/




----
To subscribe, unsubscribe, or view list archives,
visit http://www.webaim.org/discussion/