[Javascript] DevToolbar
Allard Schripsema
allard-schripsema at procergs.rs.gov.br
Wed Feb 15 13:41:12 CST 2006
Hi All,
This monday someone in this list alerted me about the Microsoft DevToolbar.
A great plugin for webdevelopers, similar to firefox tools etc.
But also a great "hacker"-tool as i discovered, testing it out on our
(asp-vb) intranet application.
I can rewrite inputs sothat all validation is "erased", create buttons
executing javascript, etc, causing me to have some questions i want to share
with you:
I wonder if these tools mean the end of javascript as a browserside
validator? What is the point in validating clientside, if you have to
rewrite the code on the server?
Is the aspnet viewstate a defence against this kind of pagetampering, or
does it also simply accept changes? How do other languages protect
themselves?
Is there any easy way of protecting the pages against these tools?
thanks,
Allard Schripsema
www.VisualDigital.com.br
More information about the Javascript
mailing list