javascript is clientside. Therefore, any password you validate in javascript
can easily be seen by a person using view source.
Having:
function validatePassword()
{
return password == 'open sesame';
}
is not very good security.
-Tim
-----Original Message-----
From: Brian McSweeney [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2003 11:32 AM
To: Struts Users Mailing List
Subject: Re: validator with password fields
yep, that's it. I see that the required field is the only one that works.
Can you tell me why this is?
----- Original Message -----
From: "David Graham" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 03, 2003 4:02 PM
Subject: Re: validator with password fields
> Javascript for password fields is intentionally limited for security
> reasons. The only javascript validation that runs on password fields is
the
> required check. What version are you using?
>
> David
>
> >
> >Hi all,
> >
> >when trying to make a password field required using the validator, the
> >javascript doesn't seem to work.
> >The server side validation does work. Strangely, the javascript
validation
> >works in the same form for text fields.
> >
> >Anyone ever encountered this before?
> >
> >Am I just doing something wrong?
> >brian
>
> _________________________________________________________________
> MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
> http://join.msn.com/?page=features/virus
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
