it adds to my experience, and because I am aware of the security risks
just to enforce a designer's 'look,' which I object to. My idea of
to view sites which had information I needed, and leaving sites which
otherwise seemed interesting, because they violated my principles with
It can be useful to do things like
client-side parameter checking to reduce bad requests to the server,
or limiting choices based upon previous selections without reloading
pages. But that's all it is good for--adding to the experience. Too
many people mistake it for required functionality, forgetting the browsers
by disabled people), and the people like me, who believe that
navigate. There are the sites with on-click submits and no submit button
for the form; the ones that display blank pages; and the ones that
need to use, like the telephone directory
or the train schedule.
one website, I've tried to change my outbound date, only to have the
date reset with the error message that my outbound date is after my
return date. Of course it is--I haven't gotten to the return field,
which is always shown after the departure field. The program is trying
to be helpful, but it's irritating. I also enjoy don't windows popping up
if I haven't clicked for them, or automatically submitted forms.
these enhancements doesn't wash. Of course everyone who visits
But they won't necessarily like it. Many companies are phasing out
pop-up ads after finally recognizing that they simply annoy people.
Read why relying
upon such statistics is a bad idea.
The World Wide Web Consortium (W3C)
has written web content
accessibility guidelines. Guideline 6.3 involves making
content accessible to users without requiring scripting. This
issue is rated priority 1, meaning that a site which does not
follow this guideline is not even minimally accessible. Priority
1 is defined as "A Web content developer
must satisfy this checkpoint. Otherwise, one or more groups will find
it impossible to access information in the document. Satisfying this
checkpoint is a basic requirement for some groups to be able to use
When a private company chooses to ignore accessibility, it is rude. If
an alternative service is available, I will use it, or, oftentimes, I
will simply decide that I don't need whatever the company is offering.
When a government-run service, or a private company which provides
a public service does this, it
should be illegal. It is the same principle as requiring new public
buildings to be made to accommodate wheelchairs.
at W3C (section 8). It is interesting to note that they advise
More up-to-date security information can probably be found through
At first, this may not appear to be an issue for you, the user. If
that you do not have to contact the site in order to find that there
was an error in the way in which you entered your data. Instead, you
will be prompted to correct it immediately. It is also an advantage
to the site, because it reduces server load by fixing data before it
routines and then to write the same code for your server-side application,
although there are tools which can assist in this. Sometimes this
extra burden leads to different requirements server-side and client-side.
If the two clash, the problem will be spotted rapidly. But if the server-side
is more permissive than the client-side, a possible exploit has been
introduced. The situation is far worse when the site relies upon
introduce incorrect data. Yet the real concern is someone introducing
malicious statements in to fields. If a form field is simply put in
a database without further verification, someone may be able to modify
or delete data by submitting a database command.
Again, this may seem irrelevant to you as the user. But what if the
site in question is your bank, or another institution which might
hold private information about you?
There probably isn't much you can do, aside from supporting legislation
which requires companies to report to clients when security has been
compromised, and also informing companies which appear to rely upon