Perl Monk, Perl Meditation | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
It's true that it's often more usable to have the interface
permit only valid input to be expressed*--rather than
accepting anything and emitting error messages later--but
remember that you need to leave the server-side verification
in place for security.
Clayton probably knew this, but client-side error checking is risky on it's own since everything running on the attacker's machine is under his control, including his copy of your HTML and javascript. * the exceptions that prove the rule
In reply to Re: Re: The art of error handling
by saucepan
|
|