• Subject: RE: CGI Fact Finding Mission (Need Input)
  • From: boldt@xxxxxxxxxx
  • Date: Thu, 18 Nov 1999 14:11:38 -0500



Brad wrote:
>>
>> Cookies are a controversial subject.  Some say they're
>> safe, but others point out that advertisers use them to
>> track the movements of people through the web.
>
>They are safe.  At least for now.  Who cares if they're tracking your
>movements.
>
>Its too bad that Cookies and JS get a bad name because people use it for
>stuff like this.  They're great tools.

I agree that they can be great tools if used properly.
Who cares if they track your movements through the web?
I for one.  I realize that North Americans are much less
concerned about privacy than, say, Europeans.  Privacy
laws are much more strict in Europe, and personally, I'd
like to see the same here.  Even if you set your browser
such that a web site can only see it's own cookies, since
one advertiser has about half the market cornered, that
one already can build up a pretty comprehensive database
of your activities and interests.  I, for one, am not
comfortable with that.

Regarding JavaScript, is it ever really necessary?  I
realize that the problems are caused largely by personal
web pages hosted by the free services, but often my spare
time web surfing takes me to those pages.  Whenever I
encounter a page that absolutely needs JavaScript, and I
really need to browse that site, I'll enable JavaScript
temporarily.  Ideally, I'd like to see a browser that
allowed me to selectively enable JavaScript for those
sites I regularly visit that require it.

You pointed out that JavaScript can be used to verify
input before being sent to the server.  Does that mean
you have no input verification on the server side?  If
so, are you not concerned about crackers sending faulty
or malicious data directly to your server?  Even if you
put some verification on the client side, you still have
to verify data on the server side anyways.

My main point is that when designing a web page, you
should never make any assumptions about the capabilities
of the browser, including support for cookies, Java, and
JavaScript.

(Actually, one of the reasons I have JavaScript disabled
on my browser here at work is that I often get error
messages popping up!)

>If you're not accessing DBs, sure, use Perl.  I agree it never hurts to
>learn other languages.  but for every language that I know, as long as my
>company's data resides in PFs on the AS/400, I have yet to find a tool
that
>will work as well as RPG.  The other languages are simply to say that I
know
>them, and I rarely use them.  ie, RPG is a screwdriver for the screw we
call
>DB/400.  Java, Perl, etc. etc. are hammers.

I agree that RPG is best for DB access.  Perhaps the
ideal web application model on the AS/400 uses a
combination of different languages - RPG for the DB
access, and server-side Java for the web page
construction.  In other words, separate out the
business logic from the user interface logic.

Cheers!  Hans

Hans Boldt, ILE RPG Development, IBM Toronto Lab, boldt@ca.ibm.com


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].