On Wed, Aug 26, 2009 at 06:19:10AM -0700, Cristiano Diniz da Silva wrote: > Don't count on it. You will need a server-side scripting language and > if you really want some security you will need also a SSL certificate.
Not necessarily. You can use HTTP-level authentication by just dropping the right directives into .htaccess and creating a .htpasswd (or similar) containing the valid user credentials. This does not require any server-side programming, but will completely block unauthenticated users from any access to your page(s). Application-level authentication, multiple authorization levels (even just "guest" vs. "logged in"), or simply having an application in the first place does require server-side programming, though, like you said. Good point on the SSL also. Sending passwords across the net in plaintext isn't exactly the height of security. -- Dave Sherohman ______________________________________________________________________ css-discuss [cs...@lists.css-discuss.org] http://www.css-discuss.org/mailman/listinfo/css-d List wiki/FAQ -- http://css-discuss.incutio.com/ List policies -- http://css-discuss.org/policies.html Supported by evolt.org -- http://www.evolt.org/help_support_evolt/
