[whatwg] Client-side verification will never work in the real world

Ian Hickson ian at hixie.ch
Wed Jun 30 07:40:45 PDT 2004

On Tue, 29 Jun 2004, Jason Lustig wrote:
>> At the end of section 2.1, right before section 2.1.1 reads the following:
> I missed that, my mistake. Still, there are a lot of web developers that
> will forget about it...

Indeed, but then they forget about it now with JavaScript-based
client-side validation, and they used to forget it before they did any
validation on either side.

I don't see this as making it worse.

> I totally agree with you! I am dreaming right now of quicken-style
> dropdown calendar and calculator widgets in my webapps... and
> client-side verification is good for the average user, but it isn;t the
> end-all-be-all of security.

Indeed. In fact I would say it isn't security at all. It's just better UI.

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

More information about the whatwg mailing list