PDA

Click to See Complete Forum and Search --> : <noscript> tag, is it bullet proof?

webtekie
11-10-2003, 02:13 PM
I have three JSP pages that use JavaScript as data validation. I was using <noscript> tag to detect if JS was disabled and display an error. It works if user has disabled JS. However, if user came to first page with JS enabled, filled out the form and before submiting page disabled JS -- <noscript> does not really work. One the action page I have <noscript> detect, but in does not really work since it displays the <noscript> message, but executes the rest of the page as well.

Receiving Page:

<html>
<noscript>
<span class="hsText">No JavaScript decteted!</span>
<br>
JavaScript must be enabled to use this program. Please click
<a href="http://www.shopassistant.net/support/scriptenable/">here</a> to enable JavaScript.
</noscript>
<link rel="stylesheet" type="text/css" href="include/styles.css">
<script language="javascript" src="include/scripts.js"></script>
<body marginheight="0"
marginwidth="0"
leftmargin="0"
rightmargin="0"
topmargin="0"
bgcolor="#ffffff">
<%
// Do some JSP stuff here
%>
</body>
</html>


Is there any workaround for this?

thanks,
webtekie
AdamGundry
11-10-2003, 02:43 PM
Yes, the workaround is to do your data validation (and everything else) on the server-side, where you do not have to worry about what the user's browser supports.

Adam
webtekie
11-10-2003, 02:47 PM
But then JavaScript form validation is useless, unless you write the same routine on server-side...I read that MS .NET allows you to execute JavaScript on server-side so that's a nice workaround I guess.
AdamGundry
11-10-2003, 02:56 PM
Yes, IMHO Javascript form validation is useless - it cannot be relied on, because 13% of users have JS disabled and others could work around it. Hence if you really need validation, you need to do it server-side.

I believe ASP (and ASP.NET) allow you to write code in JS that executes on the server.

Adam
Charles
11-10-2003, 04:19 PM
There's nothing wrong with JavaScript, as long as one doesn't rely upon it - and client side verification is a good thing. You don't want all of your users to have to submit the form and wait for a response to find out that there's something wrong with the form. A proper form is validated both client and server side. To cut processing time on the server, one can use JavaScript to set the value of a hidden form field or even to change the "action" attribute of the form so that it goes to a server side script that doesn't bother with redundant verification.

And as some of the 13% of users who do not use JavaScript cannot use it because of some disability, using the NOSCRIPT element to present an error message is an insult and a cruel one at that.