WHATWG calls for 'Last' Comments on Web Forms 22
hixie writes " The W3C recently acknowledged
a version of the Web Forms 2.0 draft submitted to the W3C by Mozilla
and Opera. Meanwhile the WHATWG has updated the Web Forms draft and
released a new
call for comments. Send them in!"
Re:Input validation schemes (Score:4, Insightful)
No need to pick on the PHP coders -- you can just as easily write unchecked Perl, ASP, Python, etc -- but yes, some of the biggest website vulnerabilities are caused by relying too much on JavaScript to validate input.
I mean, essentially you're just having to check everything twice... what was wrong with returning a page informing the user of his or her mistakes, exactly?
It's a little faster for the user (instant feedback on any mistakes), and it saves a tiny bit of server resources. And it should replace all the JavaScript hacks with one standard interface.