john6630 wrote on 7/12/2008 9:31 PM:
I have studied the jqModal plug-in and Alexandre Plennevaux's tutorial
on using this with an IFrame. It seems to me, I can emulate my
windows programming approach using a main page with navigation which
launches various other pages using jqModal and Ajax. If that is
possible, won't the stateless issue be resolved since I can use global
variables on the main page to store authorization, activity, state,
etc.? It seems this would be an exact fit to my current programming
process. It also would not require a "framework" since my app is
essentially the total framework.

You could code a webapp like this, where it's driven from a master page on the 
client side.  The issue is if the client is responsible for storing 
authorization, state, etc, then a malicious user could circumvent your 
authorization and change their state.  That's why the proliferation of 
server-side frameworks; they provide the scaffolding you need to build a secure 
web app (a way to maintain the state of the client, a way to authorize them, 
etc).

The #1 rule for secure webapp programming is to treat all client input (headers 
and request) as hostile until proven otherwise (or sanitized).


- Bil
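
The point made in the reply above, as an added example that is not part of the original thread: authorization state stays in a server-side session table, the client holds only an opaque session id, and any role or flag the client sends is ignored. The function names, the `x-session-id` header and the sample requests are hypothetical and constructed for illustration.

```javascript
// Added example (Node.js): the server owns authorization state.
// All names here are hypothetical, not from any framework.
const crypto = require('crypto');

const sessions = new Map(); // session id -> { user, role, expires }
const SESSION_TTL_MS = 15 * 60 * 1000;

// Called only after the server itself has verified the user's credentials.
function createSession(user, role, now = Date.now()) {
  const id = crypto.randomBytes(32).toString('hex'); // unguessable, carries no state
  sessions.set(id, { user, role, expires: now + SESSION_TTL_MS });
  return id;
}

// Decide a request from server-side state only. Everything in `request`
// (headers and body) is treated as hostile input.
function authorize(request, requiredRole, now = Date.now()) {
  const id = request.headers && request.headers['x-session-id'];
  if (typeof id !== 'string' || !/^[0-9a-f]{64}$/.test(id)) {
    return { allowed: false, reason: 'malformed or missing session id' };
  }
  const session = sessions.get(id);
  if (!session) return { allowed: false, reason: 'unknown session' };
  if (session.expires <= now) {
    sessions.delete(id);
    return { allowed: false, reason: 'session expired' };
  }
  // request.body.role is deliberately never consulted.
  if (session.role !== requiredRole) {
    return { allowed: false, reason: 'insufficient role' };
  }
  return { allowed: true, user: session.user };
}

// Constructed sample requests.
const sid = createSession('john', 'user');
const honest = { headers: { 'x-session-id': sid }, body: {} };
const tampered = { headers: { 'x-session-id': sid },
                   body: { role: 'admin', authorized: true } }; // edited client "globals"
const forged = { headers: { 'x-session-id': 'f'.repeat(64) }, body: { role: 'admin' } };

console.log(authorize(honest, 'user'));
console.log(authorize(tampered, 'admin'));
console.log(authorize(forged, 'admin'));
```
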
