I understand what you are saying - but at the same time - it is important to make sure people (and our clients) realize that truly hiding JS is not going to happen. Using techniques like this just makes things harder - which in itself isn't a bad idea.
Ok, I'll stop being anal now. Sorry. :) ======================================================================== === Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc (www.mindseye.com) Member of Team Macromedia (http://www.macromedia.com/go/teammacromedia) Email : [EMAIL PROTECTED] Blog : www.camdenfamily.com/morpheus/blog Yahoo IM : morpheus "My ally is the Force, and a powerful ally it is." - Yoda > -----Original Message----- > From: Costas Piliotis [mailto:[EMAIL PROTECTED] > Sent: Thursday, April 03, 2003 7:58 PM > To: CF-Talk > Subject: RE: Hiding JavaScript codes > > > I know, you cannot for sure, 100% hide it... Cgi variables > can be spoofed. Still better than leaving it wide open if you > want to lock it down... > > It's like your house. Just because someone can break a > window doesn't mean you should leave the door unlocked. > Nothing is really 100% secure. But it protects you from > everyone but the elite hacker. > > The only way for one to do this is if they know how to pass > their own http headers. And then they need to know that > you're looking at that particular cgi variable, and they need > to know what you're comparing to as well. Too much trouble > for a little piece of javascript IMHO... > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
