Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

CGI and JavaScript

by stuffy (Monk)
on Jun 01, 2001 at 08:45 UTC ( #84848=perlmeditation: print w/replies, xml ) Need Help??

Being pretty new to Perl, and leaning toward CGI for most of my programming practice (only because I can think of more CGI types of applications I would like to write) I purchased a copy of "CGI Programming with perl" by O'Rilley to go with my "Programming Perl" while I wait for Llama 3 to be released (Soon I will be an O'Reilly library.) In my CGI book, I got to the JavaScript chapter. Reading through it got me thinking (yes, the rusty gears squeeeek.) Many home nodes warn against having javascrip on while visiting the community. Merlyn has even mentioned that he doesn't visit unknown sites with javascript on. I tried doing some of my surfing with javascript off, but have found that many sites that interest me are only available with java, including my bank's site. I know that it isn't very good programming practice to limit visitors based on the software they are running, or what options that they have turned on, but apparently it happens very frequently in the real world. I actually have a few questions I want to bring up for discussion.

1. Do you use javascript in your web development?
2. Do you surf the web with javascript on or off?
3. If you surf with it off, are there sites you turn it on for?

I know that alot of people will say that they use javascrips for for vaildation, if that is true, can you give me a strong arugment as to why you need to use javascript. I have found that it is possible to validate in your cgi scripts using simple regex (if you can call regex simple :~))
so please take a moment to ponder the questions I have brought before you and share with your brothers your thoughts on the topic.

That's my story, and I'm sticking to it, unless I'm wrong in which case I will probably change it ;~)

Replies are listed 'Best First'.
Re: CGI and JavaScript
by tomhukins (Curate) on Jun 01, 2001 at 13:20 UTC

    In general, I recommend avoiding any dependency on JavaScript in a Web site. A high enough proportion of Web users have JavaScript disabled to cause problems. Popular sites relying on JavaScript that I've worked on tend to receive a small amount of mail from users who have problems using the site. I suspect most users encountering problems go elsewhere without contacting anyone.

    Most features that JavaScript offers can be recreated using a combination of HTML, server side code and other techniques that will function in a wide range of environments. Several features of JavaScript (pop-up windows, window resizing) are annoying, so they're worth avoiding anyway.

    One advantage of client-side code is that no round-trip to the server is required. I recommend using JavaScript form validation when your budget allows. Of course, server side validation is essential too - never trust client software!

    JavaScript can add to the user's experience in some ways, such as automatic redirection to another page within SELECT lists. I recommend using JavaScript in such cases, provided you think carefully about how the site will work when JavaScript is disabled or unavailable.

    In short, I see no harm in using JavaScript to enhance your site, provided it is used only for enhancement and not as an essential part of the experience.


      I just wanted to add that I hate having my list selection auto redirect. It is a horrid interface design that is constantly sending me off to places just because I wanted to look at what was in the list. It is especially annoying if you use your keyboard more than your mouse.

              - tye (but my friends call me "Tye")
Re: CGI and JavaScript
by footpad (Abbot) on Jun 01, 2001 at 19:40 UTC

    I think you've hit upon your own solution. Only include the Javascript that is completely optional. Rollovers are fine (I suppose), but do not rely on Javascript to be your only validation mechanism for CGI scripts (for example). (This is something that the Rat book mentions.)

    I don't use Javascript to validate CGI scripts as the moment because my scripts are generally small enough that the performance hit isn't that bad. This also keep me from having to maintain two separate codes bases for the same task (validating input) and is helping my Perl skills.

    As far as browsing goes, I generally have Javascript disabled--unless I know that a site has a Javascript-based feature that I need/like or unless the site has really good use of CSS. (Netscape 4.7x does not render CSS unless Javascript is enabled.)

    Also, I use different browsers at different times. I use one for sites I trust or need Javascript/CSS with and I use another (with everything disabled) for most other activities. I've found this useful to test my sites with as well and generally ensure that my sites degrade as nicely as reasonably possible.


Re: CGI and JavaScript
by Corion (Pope) on Jun 01, 2001 at 11:58 UTC

    I always surf with JavaScript disabled, because popups annoy the hell out of me. I also surf with cookies disabled.

    I have two other security zones that allow me to enable cookies (for PerlMonks) and cookies + JavaScript (other trustworthy sites).

    I use both, JavaScript and CGI for form validation. This took a bit of design, but I now have (optional) JavaScript that does "immediate" validation without submitting, and a CGI behind that, which does the validation if JavaScript is disabled (it also validates if JavaScript is enabled, but in that case, only valid input should pass). (Yes, this is in a module which I've promised to release several times already. I promise to come forward with the module; in the meantime, you can try for the JavaScript part without the CGI backend.)

Re: CGI and JavaScript
by Chady (Priest) on Jun 01, 2001 at 10:25 UTC

    In answer to your questions:
    I always surf the web with javascript on, as far as I can see, it isn't that dangerous, but take this site for example; You have javascript enabled, and you visit my homenode, I have a simple javascript there to read your cookie with and /msg me with the information I just read. This can prove to be very dangerous.

    But I still use javascript in my web develpment, you can see my website, that was the first site I ever made, and I was very pleased with javascript I used it heavily on the site. and I couldn't have said it better: "I know that it isn't very good programming practice to limit visitors based on the software they are running, or what options that they have turned on, but apparently it happens very frequently in the real world."

    As I know more perl, I tend to stray away from javascript. I'm redesigning my site made fully with perl, and has validated HTML.

    He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life.

    Chady |
      Yes, I surf with Javascript enabled.

      No, I do not use it in site development, for a few reasons.

      First, the use of JS can enter some really funky usability problems into your site, particularly when dealing with JS for dynamic menus or onSelect type operations.

      Second, US federal regulations require that all script functionality on my sites be available to persons with disabilities, surfing with assistive technology like screen readers for visually impaired people.

      I'd rather just build a single, usable interface than have to deal with redundant systems. My servers can take the hits.

Re: CGI and JavaScript
by DBX (Pilgrim) on Jun 02, 2001 at 05:34 UTC
    One thing I haven't heard anybody mention is avoiding the performance hit on a high traffic site. If I can use Javascript to do a "first pass" at validating the data, then do the same validation inside the CGI, I can avoid some server overhead. If you get 1 million hits per day, for example, at a site and Javascript even catches 10% of your errors, that is a significant amount of load to push to the client side without too much more effort.
    In anything other than high traffic environments, I agree, CGI seems to do the trick and Javascript is only useful in special cases.
Re: CGI and JavaScript
by buckaduck (Chaplain) on Jun 01, 2001 at 23:51 UTC
    I guess I agree with the consensus so far...

    I use JavaScript in some of my forms to validate data, because nobody likes to click the Submit button and wait for 5-10 seconds only to find out that they missed a required field or mistyped an entry, and then have to go back to the form page and fill it in again (or else my CGI script has to re-display it), and so on ...

    But of course you still have to validate the parameters in your CGI script. The JavaScript validation is only for the convenience of the users, not for mine.


Re: CGI and JavaScript
by shotgunefx (Parson) on Jun 04, 2001 at 13:01 UTC
    It depends on who the site is intended for. Should a business oriented site rely on javascript? I think not.

    With all the differences in implementation, Javascript isn't ready for deployment in commerce oriented sites.IMHO

    Without getting into a drawn out discussion on web design, here are my personal thoughts for business oriented sites.
    (I've posted well over 100K web pages now for whatever that's worth.)

    Outside of clear navigation, etc... sites should be designed in successive layers.
    i.e It works with Javascript,Java, Activex off. If you want to have mouseovers and image flips, etc, they should be designed in such a way as to not impair the functionality of the site without their use.

    Javascript is great for pre-emptive form checking but most of the things that people do with it are indeed bells and whistles. Even when they are not, there is usually another alternative. (Plus it all breaks when version X of whatever browser get's released.)This might not be a problem if this is an intranet and IT controls what is installed.

    I'd also recommend sticking with GIF and JPG.

    (Fun fact: NT 4.x crashes unrecoverably when attempting to display certain PNG files.)

    Modest use of javascript is fine but I think until there is a more uniform deployment, you would be remiss to rely on it heavily when there's money on the table.

    For consistent behaviour, you can't beat server side.

    Again this is all context, for some sites, requiring the latest greatest browser is not a problem. It all depends on whom your expecting to reach.


    "To be civilized is to deny one's nature."
Re: CGI and JavaScript
by sierrathedog04 (Hermit) on Jun 03, 2001 at 02:14 UTC
    No one designs cars for those who wish to drive on bald tires, and there is no obligation to design web pages for those who wish to surf with Javascript turned off.

    Several posters have mentioned that using Javascript for client-side form validation reduces traffic on the server significantly.

    Another reason is to reduce the complexity of one's code. If Javascript catches an error client-side, everything remains as it was. If Perl catches an error server-side, then the entire form must be returned to the user as it was. (I do not think that using a browser's history mechanism to return to the form as it was submitted is reliable in all instances.)

    What if the form you are processing can be submitted from several different pages? How do you know the HTML text of the page that submitted the form?

    Lincoln Stein includes Javascript support in for a reason. I say use it for form validation if for nothing else.

      You are suggesting using it for form validation. That makes since, but do you worry about people that don't have it turned on? How do you handle that? If someone doesn't have javascript on, are they just out of luck? In that case have you lost out on someones buisness (or has whom ever hired you lost out on someones buisness?) I understand on high traffic sites it is probably a good thing, but what about a backup plan for the people that don't have it on?

      by the way, there are cars designed for people that like to drive with bald tires, you can usually find them at the local drag strip :~)
      update: corrected spelling

      That's my story, and I'm sticking to it, unless I'm wrong in which case I will probably change it ;~)

        This can be solved by checking if the user has javascript enabled, if not, pass a hidden flag then have the cgi script do it. You could so something like this.

        HTML Form <form> <noscript> <input type="hidden" name="jsenabled" value="yes"> </noscript> </form> CGI Script if ($q->param('jsenabled') eq "Yes") { #perform validation }
        my $name = 'Ben Kittrell'; $name=~s/^(.+)\s(.).+$/\L$1$2/g; my $nick = 'tha' . $name . 'sta';
Re: CGI and JavaScript
by thabenksta (Pilgrim) on Jun 01, 2001 at 23:47 UTC

    I love javascript. I never turn it off, and I use it as much a I can. It adds many features to websites that nothing else can(except VBScript, etc.). It allows you to give your website a more friendly user interface, and automate a lot of tedious processes. I admit, it can be used in bad ways, and very annoying ways, but if you use it right it can be a great tool.

    As far as form validation, the benefit of using JavaScript is that you don't have to submit the form, you can pop-up a alert window and the focus on the field that has the problem.

    Now-a-days when almost all browsers support it, I couldn't see why you wouldn't want to reap it's benefits. And my opinion is, if you have javascript turned off, you're going to have trouble viewing most websites anyway.

    I have never heard of any Security issues using javascript, so I wouldn't worry about that either.

    my $name = 'Ben Kittrell'; $name=~s/^(.+)\s(.).+$/\L$1$2/g; my $nick = 'tha' . $name . 'sta';

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlmeditation [id://84848]
Approved by root
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (1)
As of 2021-10-17 01:15 GMT
Find Nodes?
    Voting Booth?
    My first memorable Perl project was:

    Results (70 votes). Check out past polls.