>The biggest problem with this approach is that it offers nothing in the way >of actual enforcement of data. It takes about 2 seconds to bypass that kind >of validation either by frame hacks or form substitution. Ok, for "frame hacks", it shouldn't be applicable to a page that does not frame. On "form substitution", very interesting stuff, tell me more about it.
>As long as you still implement the server-side aspect, the choices you have >to notify the user are practically endless. I personally prefer: I knew the 'traditional' server-side validation is more secure... Thank you. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:305269 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
