At 10:06 AM -0800 on 2/12/00, Alain Farmer wrote:
>> Uli: 1) It uses JavaScript. I'm paranoid.
>
>Alain: Security-wise, JavaScript is no worse than
>other languages, it seems to me. The most recent
>incarnation of JS has been overhauled in terms of
>security. Which is good, I am sure, but which caused
>me many headaches this year.
I've lost count of how many JS security holes there have been last
year, from stealing credit card numbers to faking which site you're
looking at.
>> Uli: Would it be possible to change the
>> navigation to use regular HTML?
>
>Alain: I endeavour to be as flexible as possible but,
>in this case, I cannot compromise at all. While my
>system is 80% server-side, and the 20% client-side
>JavaScript that I do use is limited in scope to the
>fundamentals ... without JavaScript, the whole
>solution falls apart.
What does the JavaScript do? It activates a simple form. Some reason
why clicking the nagigation images can't do that?
I've got problems besides just letting unknown parties execute code on
my machine -- 3 of the 4 browsers I use don't support JavaScript.
>> Uli: Also, I don't get anything in the bottom frame.
>
>Alain: That frame was intentionally empty.
Please remove it. It makes it need to scroll on my 13" monitor.
