This is a favourite way to hack web sites, when they rely only on Javascript
to secure them. The user only has to turn off javascript in their browser
to avoid any checking.
You must validate front and back!! Javascript gives instant feedback only.
-----Original Message-----
From: A mailing list about Java Server Pages specification and reference
[mailto:[EMAIL PROTECTED]]On Behalf Of Radhakrishnan, Sanjay (c)
Sent: Tuesday, December 21, 1999 16:14
To: [EMAIL PROTECTED]
Subject: offtopic:JavaScript & Security
We are planning to develop a system for delivering reports over the web.
HTML and JavaScript would be used in doing the frontend interface.
My question to the group is this how secure is JavaScript. I understand that
one of the most common Uses of JavaScript is doing client side validation.
But the problem(it maynot be) that i see with JavaScript is that an
intelligent user can do a view source on the browser change the JavaScript,
and hence could change the validation rule and could enter incorrect data
into the system.
Is this a possibility or am i missing something here.
Thanks for your time
Sanjay
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
