js security question

Question

0.00/5 (No votes)

See more:

I'm generating a string with php for onclick event of an html button with an output like this:

HTML

<button class="ChooseButton" id="168" onclick="LoadTheme(['#993300', '#99CC99', '#003366', '#993300', '#99CC99'])">Choose</button>

When this button is clicked, corresponding function gets an array of colors and assigns them to some html elements.
Is this a secure code with those parameters?

Posted 21-Feb-15 6:48am

cs101000

Add a Solution

Comments

Richard MacCutchan 21-Feb-15 13:13pm

In what way do you mean "secure"?

Solai Raja 24-Feb-15 6:24am

There no such a secure information, so you do this.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sergey Alexandrovich Kryukov · Accepted Answer · 2015-02-21T07:54:00

Solution 1

By design, JavaScript is secure like hell, unless someone use such a dirty thing as embedded ActiveX components which spoil it all. However, how care if someone changes the colors on some page, even if it could make it completely unreadable (red font on red background)? What can it possibly destroy? Nothing, really.

—SA

Posted 21-Feb-15 7:54am

Sergey Alexandrovich Kryukov

Comments

cs101000 21-Feb-15 14:30pm

Well I'm not too much familiar with the ways of attacking or exploits and etc. What I mean is that someone can abuse this to do something that I don't ever expect to be possible(other than calling this js function and changing colors, of course).

Sergey Alexandrovich Kryukov 21-Feb-15 20:32pm

If you think about it, you will understand that nobody care is someone abuses it this way. :-)
—SA

Kuthuparakkal 21-Feb-15 16:02pm

:)

cs101000 22-Feb-15 2:07am

:D