in reply to Re: Re: CGI and JavaScript
in thread CGI and JavaScript

This can be solved by checking if the user has javascript enabled, if not, pass a hidden flag then have the cgi script do it. You could so something like this.

HTML Form
<form>
<noscript>
<input type="hidden" name="jsenabled" value="yes">
</noscript>
</form>


CGI Script
if ($q->param('jsenabled') eq "Yes") {
  #perform validation
}

[download]
-thabenksta 
my $name = 'Ben Kittrell';
$name=~s/^(.+)\s(.).+$/\L$1$2/g;
my $nick = 'tha' . $name . 'sta';

[download]

Replies are listed 'Best First'.
(security)Re: Re: Re: Re: CGI and JavaScript
by Zaxo (Archbishop) on Jun 04, 2001 at 11:46 UTC

    You're trusting that input is from your form, and that your form has gone unedited. Clientside .*script is helpful, but is no substitute for good practice.

    After Compline,
    Zaxo

[reply]

In Section Meditations