in reply to Re: How to hide JAVASCRIPT coding from CGI?
in thread How to hide JAVASCRIPT coding from CGI?
It's even easier than that- users can turn off javascript anywhere they want, nullifying your client-side validation altogether.
If you use Mozilla Firefox and the Web Developer Extension it is INCREDIBLY easy to muck with form values- you can turn POSTs to GETs, make all variables "writable" right in the browser, and generally wreck havoc on brittle form validation. Use javascript for UI/notification icing, server-side for real variable sanitization.
-Any sufficiently advanced technology is
indistinguishable from doubletalk.
In Section
Seekers of Perl Wisdom