yes, there a number of DOS and exploits using javascript. not sure how
serious.
i know alot of companies filter out active X and VBscript (mine included)
 
> -----Original Message-----
> From: Jim Lundeen [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 31, 2002 4:49 PM
> To: Kipp, James; begin begin
> Subject: Re: Checking Form data
> 
> 
> on a side note:  does anyone know the % of people that 
> actually disable
> javascript in their browser?  can javascript actually be used 
> to harm (lets
> pretend those annoying pop-up windows don't count!)?   i'm 
> not really a
> hard-core javascript person, so any stats that you have would 
> be interesting
> and helpful...   thanks!
> 
> "Kipp, James" wrote:
> 
> > Thanks for the reference. but as ealier mentioned , java 
> script can be
> > filtered out or shut off at the browser. i went ahead and 
> made a validation
> > routine in the CGI itself with regex and other tests.
> >
> > > -----Original Message-----
> > > From: John Griffiths [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, July 31, 2002 1:20 PM
> > > To: Kipp, James
> > > Cc: '[EMAIL PROTECTED]'
> > > Subject: Re: Checking Form data
> > >
> > >
> > > Although Perl/CPAN makes some good form handling modules
> > > available I think that the more client side data checking you
> > > can do the better. For date input I'd go with javascript, and
> > > I'd use an input calendar to control the data. See, for
> > > example, a prototype I'm working on at
> > > http://www.southwindssailing.com/pressgang/ which uses a nice
> > > javascript/DHTML input
> > > calendar by Lea Smart (www.totallysmartit.com).
> >
> >
> > --
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 


-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to