And I forgot to mention the elimination of SO MANY ads, including the
annoying flash ads. When I am on EVDO, it speeds up web surfing
dramatically.
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"I have always strenuously supported the right of every man to his own
opinion, however different that opinion might be to mine. He who
denies another this right makes a slave of himself to his present
opinion, because he precludes himself the right of changing it."
-- Thomas Paine, 1783
On Mar 20, 2008, at 12:06 PM, Dean H. Saxe wrote:
Well, like I said, I whitelist sites I use that don't work without
JS. But I blacklist the various ad and tracking sites which are
useless to me and only serve to profile my web surfing. Plus, I
know where all the JS comes from now so I can limit any malicious JS
because I have to specifically enable it if the site is not
whitelisted.
NoScript also provides some XSS protections too... Seriously, check
it out if you have any interest in security and/or privacy.
Now why in the hell would HR/IT be pissed if a user turned off JS?
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[U]nconstitutional behavior by the authorities is constrained only
by the peoples' willingness to contest them"
--John Perry Barlow
On Mar 20, 2008, at 11:35 AM, Douglas Knudsen wrote:
ok, aside from the jab in the subject change, I've been curious of
this. I come from inTRnet world where if a user turned JavaScript
off, they could actually be visited by HR/IT enforcement. Anyhoo,
in the wide world web what type of user actually disables
JavaScript? Security minded folks it seems from Dean's comment,
but who else? Certainly not your g'ma, eh? I suppose that's a
question to ask when implementing a site or feature, does the
subset of NoScripters matter to the goals of your site? Is this a
question that should even be entertained in todays web? I know
maybe 10 years back it was a serious one, but what about now?
On another side, this would be similar to the users who do not
install Flash Player. Here though they have measured saturation,
though not that scientific, seems to be somewhat dependable. Is
there such data on JavaScript?
DK
On Thu, Mar 20, 2008 at 11:16 AM, Dean H. Saxe <[EMAIL PROTECTED]
> wrote:
I'm one of those users. NoScript is a very good extension if you
want to know what marketing companies and other unsavory types are
harvesting your surfing habits to target advertising. I enable
scripting on a whitelist of trusted sites only.
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Great spirits have often encountered violent opposition from weak
minds."
--Einstein
On Mar 20, 2008, at 11:10 AM, Douglas Knudsen wrote:
My first thought is...disable the submit button after its mashed
once. My second thought is, some people disable JavaScript.
Now, what type of user disables JavaScript? Would that type of
user go 'mash the button crazy', does it really matter then? If
so, could use Flash(read Flex). Aside from that, maybe some sort
of random key deal that you could test server side, if the key is
inprocess, do nothing, ow process. But the upload issue might
still be there as this occurs before your CFM processing does. I
might re-factor the UI putting document uploads on a separate
view from the data input.
hope the rambling helps... :)
DK
On Thu, Mar 20, 2008 at 10:51 AM, Jeff Howard <[EMAIL PROTECTED]>
wrote:
I'm working on an application where a form is submitted along with
various attachments (doc, pdf, xls, etc). Apparently users are
submitting the same request several times and I've been asked to
address this issue. At first thought, it seemed quick and simple
to me, but as I've started working on it I can't decide exactly
how to handle the attachments in associated with the form in the
most efficient way.
That brings me here. I was looking for suggestions on how to
handle the attachments while I run validation on the db to see if
the input from the form already exists in the db. It seems like
something that would be perfect for AJAX to handle, but my AJAX
skills are virtually nonexistent. So, without using AJAX (or if
you can break it down using AJAX for a novice) how would you
handle the situation?
The main issue I'm having, is that if I do the validation after
the form submission, CF is assigning a temp directory to my
attachment file. So what is submitted as this: "C:\Documents and
Settings\JHoward\Desktop\PO Request mods.doc" ends up as this
after submission and validation: "C:\ColdFusion8\runtime\servers
\coldfusion\SERVER-INF\temp\wwwroot-tmp\neotmp13963.tmp " and
then when I pass it to the CFFILE, it tells me the file doesn't
exist.
I'm really just looking at the different ways other people would
handle this situation to try and decide so any input would be great.
Thanks in advance.
Jeff
-------------------------------------------------------------
Annual Sponsor - Figleaf Software
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-------------------------------------------------------------
--
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?
-------------------------------------------------------------
Annual Sponsor - Figleaf Software
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-------------------------------------------------------------
--
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?
-------------------------------------------------------------
Annual Sponsor - Figleaf Software
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-------------------------------------------------------------
