Sent by Simon Willison on 18 July 2002 07:07
At 06:01 18/07/2002 -0500, Earl Cooley wrote:
>Simon Willison wrote:
> >
> > Client side security validation should never be relied on anyway,
> > as it can easily be overridden by a malicious user. It's great as
> > a non-essential usability aid ("You forgot to fill in this form field"
> > but it can only ever work as part of a validation system.
>
>So, do you think that CGI's like NMS (the next generation replacement
>for FormMail) are all ultimately futile and useless?
>
>http://nms-cgi.sourceforge.net/
Not at all, but they don't rely on client side validation for security
critical operations. If you want to discuss this further I suggest we take
it off-list or move it to Webdesign-L / Evolt (we could post a summary once
we've reached a conclusion or hit a deadlock, but as it stands this isn't
really suitable for css-discuss).
Regards,
Simon Willison
