> Forgive me for butting in and nitpicking.  While almost everything
> you say in your note is certainly correct, the last sentence in the
> above paragraph is not.

Don't worry Hans, we've come to expect it.  :)  Nitpicking
that is.. you're not butting in.  Everyone's input is
valued.

> You just can't guarantee that a hit on your public web site is from
> a web browser (let alone any particular browser).  The request may be
> coming from any of hundreds of webbots, such as the "Googlebot" or
> the infamous "email siphon".  Or, the request may even be coming from
> some malicious script kiddie using a tool like your GETURI.

Yes, you're correct.  But then I can nitpick your nitpick
and say that if someone was using a tool such as GETURI I
would hopefully recognize that and return XML instead.
Parsing HTML blows.  Of course, one would charge for such a
service.

--snip field checking and Perl blurb--

> The bottom line is this:  Regardless of any size limits in your HTML
> forms, or any validity checking in your client-side scripting,
> validity checking is a necessity in all CGI programs, since the
> request may be coming from a source other than a supported browser.

I agree, Hans.  Thanks again for nitpicking.  ;)  But, I
shall again nitpick your nitpick and state that the reason
you need to do server-side validation is not (only) because
the request may come from another source.  But because the
data could be, well, crap.  And your client-side scripting
may not always work, especially when people like testing your
site with "out of the ordinary" browsers.

Sure, we have standards from W3C, but does everyone follow
them?  No, and because of this, other "standards" are
accepted (just look at the difference in IE and NS
JavaScript handling).  So the accepted standard is to write
your apps to work with the most popular browsers and their
"standards".  I know you won't agree with this, Hans, but
try to contain yourself. <smile>

Brad
www.bvstools.com
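
An added example, not part of the original message or either poster's code: a server-side check that repeats the limits an HTML form declares, so a request built by hand or by a bot is held to the same rules as one from a browser. The field names, length limits, patterns and body cap are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs

# Assumed form: its HTML declares maxlength=30 on "name" and maxlength=5 on
# "zip". The server repeats every limit, since the client may ignore them.
RULES = {
    "name": (30, re.compile(r"[A-Za-z][A-Za-z .'-]*")),
    "zip": (5, re.compile(r"[0-9]{5}")),
}
MAX_BODY = 1024  # assumed cap on the raw request body, in bytes


def validate_form(raw_body: bytes):
    """Return (clean, errors) for an urlencoded POST body; use clean only if errors is empty."""
    if len(raw_body) > MAX_BODY:
        return {}, {"_body": "too large"}
    try:
        text = raw_body.decode("ascii")
    except UnicodeDecodeError:
        return {}, {"_body": "not urlencoded ASCII"}
    fields = parse_qs(text, keep_blank_values=True)
    clean = {}
    # Fields the form never defined are rejected rather than silently ignored.
    errors = {name: "unexpected field" for name in fields.keys() - RULES.keys()}
    for name, (max_len, pattern) in RULES.items():
        values = fields.get(name, [])
        if len(values) != 1:
            errors[name] = "repeated" if values else "missing"
        elif len(values[0]) > max_len:
            errors[name] = "too long"
        elif not pattern.fullmatch(values[0]):
            errors[name] = "invalid format"
        else:
            clean[name] = values[0]
    return clean, errors


if __name__ == "__main__":
    # Constructed request bodies: one as the form would send it, the rest hand-built.
    for body in (b"name=Hans+B&zip=12345", b"name=" + b"A" * 31 + b"&zip=12345",
                 b"name=%3Cscript%3E&zip=12345&zip=1", b"zip=12345&admin=1"):
        print(body[:40], validate_form(body))
```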



This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
