[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev LYNX: hey, guys: Just what are we gonna *DO*?
From: |
Duncan Simpson |
Subject: |
Re: lynx-dev LYNX: hey, guys: Just what are we gonna *DO*? |
Date: |
Mon, 19 Aug 2002 15:17:36 +0100 |
> In a recent note, Ian Collier said:
<request for a button to submit a form without a sbumit button snipped>
> Unfortunately, one consequence of this would likely be that webmasters
> imprudently relying on client-side verification would observe an
> unusually high incidence of invalid submitted data from Lynx, and be
> likely to discriminate even further against Lynx.
>
...if so, then these webmasters need to learn something about security.
Crackers will submit arbitary form data, including things not the list given a
selection box, if it helps them penetrate a system. Client side verification
might help users to some extent but is not a sibstitute for rigours servers
side verification. Besides there are bugs in java script and other browsers
that do not support javascript.
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden