On Thu, 2007-04-05 at 18:14 -0400, tedd wrote: > Rob: > > Okay, nothing wrong with playing devil's advocate. I open to discussion. > > Note, that some of my blind testers report that there are ways for > them to move a mouse -- but I haven't a clue as to how they do it or > what they "see". > > However, I don't see how adding javascript to move the mouse around > presents a security issue -- can anyone explain? As I see it, > server-side can still filter out what's input. In the end, it's > either right or not.
Part of the problem is relying on Javascript since many people don't enable it. Additionally it's not found in terminal system. I can't say how many times I've been stuck in a server room without a graphical desktop and all I've had is links or lynx to jump on some stupid manufacturer's site that decided to obliterate their pages by making pages only accessible via Javascript. I mean, for the blind people in your example you could easily generate a sound when the mouse passes over the appropriate area, thus they would have an audible cue to aid. But still, relying on Javascript is a bit flakey IMHO. Perhaps using two combined systems... more traditional obscured writing on image captcha, or a simple mathematical question for texties, or the system you presented with an audible ding for blind people to know they are within the field of success. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
