I was just wondering is there any way i can disable Browser plugins like Web Developer Tools, Firebug etc on my website ? I want to disable such plugins for Security purpose cause i realized that by using these tools one can manipulate the form data before passing it on server. I am already doing server side validation but still i would be happy if i could disable such scripts which has the potential to change the code of my site
Asked
Active
Viewed 1,023 times
-1
-
Hacking tag? You do not need a web browser to hack your site. I can load your site up in a command line and submit anything to your server. Security does not belong in the client. – epascarello Feb 15 '13 at 15:50
-
sorry epascarello you are right. would remove the hacking tag – Jigar Jain Feb 15 '13 at 15:55
3 Answers
5
No you can't.
And you must consider that anything that happens client-side is out of control : you must do all the validations server side. Client side validations are useful for the user's comfort, not for security.
Denys Séguret
- 372,613
- 87
- 782
- 758
-
-
@PhilipSheard I know I'm a poor English writer. Do you have any suggestion ? Is it better now ? – Denys Séguret Feb 15 '13 at 15:51
-
1
2
What ever changes a person can make to the client side code on your site with these kinds of tools will only affect themselves. You don't have to worry about them making the experience bad for themselves.
As long as you have sufficient server side validation to protect YOUR files on the server, everything will safe. With code running on your server, any input or data sent by a user should be treated as suspect. Validate all the data and don't assume that you're going to get what you expect.
Lix
- 47,311
- 12
- 103
- 131
1
Client side validation is specifically for the user's benefit and makin things look nice. Server-side validation is a must as really it is the only validation that matters.
Paul Gleeson
- 438
- 4
- 10