Reputation: 830
jquery/javascript security
I am using jQuery to disable some form buttons. Simple stuff. But how can I prevent users from editing the DOM and enabling the button themselves so they can work around the restrictions I put in place?
Upvotes: 1
Views: 73
Answers (4)
Reputation: 2968
You can't!!! Once the DOM is at the client side you don't have control over it the best way to ensure security is to handle it also via server side.
Upvotes: 0
Reputation: 324790
You can't force the user to do anything, neither can you prevent them from doing anything. If you could, spammers would have a field day.
This is why EVERYTHING MUST be validated on the server-side.
Upvotes: 1
Reputation: 1538
You can't. The DOM is entirely handled by the browser. Once you've sent off the page to the client, it's out of your hands. All you can do is keep track of whether an action is allowed on the server, and allow or disallow it when they try.
Upvotes: 1
Reputation: 944210
You can't. The client is completely under the control of the user.
You can only handle what data you accept when it is submitted to the server.
Use client side code to make things convenient for users. Use server side code to enforce security and other restrictions.
Upvotes: 10