Comments on: Submitting disabled forms with DOM inspector http://www.scohen.org/scohen/2005/09/12/submitting-disabled-forms-with-dom-inspector/ This is the web site of Steve Cohen, programmer, motorcyclist, kayaker and all around geek Tue, 29 Sep 2009 19:59:21 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Dad http://www.scohen.org/scohen/2005/09/12/submitting-disabled-forms-with-dom-inspector/comment-page-1/#comment-344 Dad Thu, 15 Sep 2005 14:09:46 +0000 http://www.scohen.org/scohen/archives/2005/09/12/submitting-disabled-forms-with-dom-inspector/#comment-344 uh.... uh….

]]> By: Steve, not Cohen http://www.scohen.org/scohen/2005/09/12/submitting-disabled-forms-with-dom-inspector/comment-page-1/#comment-343 Steve, not Cohen Thu, 15 Sep 2005 14:03:27 +0000 http://www.scohen.org/scohen/archives/2005/09/12/submitting-disabled-forms-with-dom-inspector/#comment-343 >Yes, but usability is important. Agree. I was being a bit sarcastic given the codebase I work on. What I'm bothered by is an app that trusts the browser to enforce client side rules. A couple of years ago, I was able, via some use of the back button, to submit a 401K withdrawal percentage above what was allowed by the plan. Apparently, the javascript that was supposed to enforce a business rule failed and the backend dutifully persisted the data as requested. >Yes, but usability is important.

Agree. I was being a bit sarcastic given the codebase I work on. What I’m bothered by is an app that trusts the browser to enforce client side rules. A couple of years ago, I was able, via some use of the back button, to submit a 401K withdrawal percentage above what was allowed by the plan. Apparently, the javascript that was supposed to enforce a business rule failed and the backend dutifully persisted the data as requested.

]]> By: scohen http://www.scohen.org/scohen/2005/09/12/submitting-disabled-forms-with-dom-inspector/comment-page-1/#comment-342 scohen Tue, 13 Sep 2005 13:01:04 +0000 http://www.scohen.org/scohen/archives/2005/09/12/submitting-disabled-forms-with-dom-inspector/#comment-342 Yes, but usability is important. We disable buttons to give a visual clue not to submit the form. I also use the Struts token to prevent double submissions, and this is truly a belt and suspenders kind of thing... Also, it's on an internal app, so we really don't have to worry about malicious users. IE users (god help them) are a different story. Yes, but usability is important. We disable buttons to give a visual clue not to submit the form.

I also use the Struts token to prevent double submissions, and this is truly a belt and suspenders kind of thing… Also, it’s on an internal app, so we really don’t have to worry about malicious users.

IE users (god help them) are a different story.

]]> By: Steve, not Cohen http://www.scohen.org/scohen/2005/09/12/submitting-disabled-forms-with-dom-inspector/comment-page-1/#comment-341 Steve, not Cohen Tue, 13 Sep 2005 12:39:18 +0000 http://www.scohen.org/scohen/archives/2005/09/12/submitting-disabled-forms-with-dom-inspector/#comment-341 No competent software engineer would even entrust data validation to the UI, much less that which is hosted by an inherently untrustworthy browser! This could be fun. No competent software engineer would even entrust data validation to the UI, much less that which is hosted by an inherently untrustworthy browser! This could be fun.

]]>