Then surely the CMS isn't doing it's job? They are coding when the CMS should be managing the work?
I can see your stance but the fact they are now coding ad-hoc (and no doubt the JS will not be checked) they could wreak havoc either deliberate or otherwise. More to the point... Telltales? "This e-mail is from Reed Exhibitions (Gateway House, 28 The Quadrant, Richmond, Surrey, TW9 1DN, United Kingdom), a division of Reed Business, Registered in England, Number 678540. It contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you have received this communication in error please return it to the sender or call our switchboard on +44 (0) 20 89107910. The opinions expressed within this communication are not necessarily those expressed by Reed Exhibitions." Visit our website at http://www.reedexpo.com -----Original Message----- From: Matt Robertson To: CF-Talk Sent: Tue Mar 06 23:46:20 2007 Subject: Re: XSS - Cross Site Scripting On 3/6/07, Robertson-Ravo, Neil (RX) <[EMAIL PROTECTED]> wrote: > Surely there can be no real justification for them to do JS which you do not > provide as a developer? Well, the web page they are maintaining is kept inside of a cms, and the site owner's staff needs to input little bits of js into the web pages to provide telltales for exterior systems. They expect to do this entirely for themselves. The CMS is in place specifically to eliminate the developer from the job picture. If the words "javascript" weren't involved it would be mind-numbingly dreary, day-to-day work. Its not developer-level work. -- [EMAIL PROTECTED] Janitor, The Robertson Team mysecretbase.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:271804 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
