[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Client-side validation in 2007?

From: Jeremiah Grossman <jeremiah@xxxxxxxxxxxxxxx>
Subject: Re: [WEB SECURITY] Client-side validation in 2007?
Date: Fri, 12 Jan 2007 13:57:16 -0800

Hi Kurt,

	Nice find. Some c-net coverage as well.

Macworld crack offers VIP passes, hacker says http://news.com.com/2100-1002_3-6149994.html? part=rss&tag=2547-1_3-0-5&subj=news


On Jan 12, 2007, at 12:52 PM, Kurt Grutzmacher wrote:

I didn't see my post get to the webappsec list like it did Full
Disclosure, but really I'd like to bring up a discussion item here --
how many people still find web applications using client-side
validation being used for such things as prices, discount codes,
privilege, etc?

Client-side validation is used quite often is my experience (for responsiveness), but most of the time is backed-up with server-side code. Every once in a while you'll run into something like this. Its really just website dependent.


Regards,

Jeremiah-

---------------------------------------------------------------------------- The Web Security Mailing List: http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

References:
- [WEB SECURITY] Client-side validation in 2007?
  - From: Kurt Grutzmacher

Prev by Date: [WEB SECURITY] Client-side validation in 2007?
Next by Date: RE: [WEB SECURITY] Client-side validation in 2007?
Previous by thread: [WEB SECURITY] Client-side validation in 2007?
Next by thread: RE: [WEB SECURITY] Client-side validation in 2007?
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site