Real Software Forums
http://forums.realsoftware.com/

Client Hackability
http://forums.realsoftware.com/viewtopic.php?f=23&t=47935
Page 1 of 1

Author:  neonash7777 [ Tue May 21, 2013 10:01 am ]
Post subject:  Client Hackability

Let's say I have a disabled text field, the client uses code to update the text field (and/or enable it). Does RS know that the textfield is disabled and so the "valueChanged" event won't trigger or update for the server side of things?

Author:  PrietoM [ Tue May 21, 2013 11:10 am ]
Post subject:  Re: Client Hackability

When you say "the client uses code to update the text field (and/or enable it)". do you mean the client updates the javascript code on the browser (assuming it is possible)?

I wonder too if events are automatically triggered!! :?:

Author:  neonash7777 [ Wed May 22, 2013 10:09 am ]
Post subject:  Re: Client Hackability

PrietoM wrote:
When you say "the client uses code to update the text field (and/or enable it)". do you mean the client updates the javascript code on the browser (assuming it is possible)?

I wonder too if events are automatically triggered!! :?:


Yeah, let's say they update the javascript to re-enable the text field, or they just rerender the page with the modification. I want to know that even though the would see the textfield as editable and their browser would send RS the textchanged event, that RS would know to ignore this event when it gets to the server side.

Author:  taylor-design [ Thu May 23, 2013 2:34 am ]
Post subject:  Re: Client Hackability

neonash7777 wrote:
Yeah, let's say they update the javascript to re-enable the text field, or they just rerender the page with the modification. I want to know that even though the would see the textfield as editable and their browser would send RS the textchanged event, that RS would know to ignore this event when it gets to the server side.


I just tested this and it doesn't seem to. However, I wouldn't rely on this behavior for security purposes. I would double check in the control event handler if it matters for the application.

Page 1 of 1 All times are UTC - 5 hours
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/