[sword-devel] Web Interface

Klaus R. H. Walther sword-devel@crosswire.org
Sat, 22 Feb 2003 23:53:46 +0100


Am Samstag, 22. Februar 2003 20:40 schrieb YTang0648@aol.com:

> add ECMAScript, DOM Level 1, DOM Level 2, and UTF-8 at least please.

about once a week I get information about a security hole in a browser (IE, 
Netscape, mozilla, opera, ...) In most cases the hole is in the dynamic part. 
And there is always one solution: Switch off all dynamic parts, like Java, 
JavaScript, ActiveX and so on. Therefore I know many people who never switch 
on JavaScript/ECMAScript, even if their browser support it. 

That's the reason why it is so important to have a Website working without any 
dynamic elements on the client side.
PHP (and Perl and so on) are working on the server side. Therefore the 
security problems are not on the side of the user, but on server side (which 
should know the code).