[thelist] was: xssi serving up separate css now: client vs. server
Paul Backhouse
paul.backhouse at 2cs.com
Fri Oct 12 10:34:23 CDT 2001
ron,
thanks- i think javascript used in the correct way can be a powerful
resource.
cheers
paul
-----Original Message-----
From: thelist-admin at lists.evolt.org
[mailto:thelist-admin at lists.evolt.org]On Behalf Of
Ron_Senykoff at BEAEROSPACE.COM
Sent: 12 October 2001 16:32
To: thelist at lists.evolt.org
Subject: [thelist] was: xssi serving up separate css now: client vs.
server
<snip>
"The Optimizer" wrote:
<tip>
Always use server-side validation for form input. It is a trivial matter to
bypass JavaScript validation in order to populate a database with
meaningful
code.
</tip>
</snip>
Why not use both?? For the users with JavaScript enabled, you're providing
that nice quick response that only client-side validation can give. If it
passes your client-side, then it will make it through server-side. But if
they have JavaScript disabled then have the server check it. Use JS to
write(daJSButton) and <noscript><input type="submit"></noscript> for the
non JS people.
I guess this is the ideal situation, but we all know that time = $$ = beer
so we must have our priorities, unless of course you don't like $$ or beer.
-Ron
---------------------------------------
For unsubscribe and other options, including
the Tip Harvester and archive of TheList go to:
http://lists.evolt.org Workers of the Web, evolt !
More information about the thelist
mailing list