Wally W. wrote:
^^^^^^^^
Your real name belongs there.
> On Wed, 24 May 2017 05:56:37 -0700 (PDT), justaguy wrote:
>>On Wednesday, May 24, 2017 at 3:11:53 AM UTC-4, Evertjan. wrote:
>>> I can imagine some clever ways clientside code can provide a low level
>>> of such security, but only with the help of serverside code, like
>>> one-time values of hidden <input>s.
>>
>>All right. I'm going with the best practice of server side data
>>validation now. Thanks.
JFTR: These approaches are not mutually exclusive. In fact, the best
server-side validation framework will also generate adequate client-side
validation code.
> […]
> That is where scripting belongs -- not in my browser, especially for
> navigation.
You are mistaken; at best, you are out of touch.
> Does it cost more server machine cycles to:
^^^^^^^^^^^^^^^^^^^^^
> 1) Run a server-side script, or
^^^^^^^^^^^^^^^^^^
> 2) Spew all the javascript (including multiple browser detection
> tests, only one of which is applicable per visitor) to each client
> machine?
1). That was easy :)
Besides, there is no “javascript”.
And although “multiple browser detection tests”, and “browser detection
tests” in general, do not have to be served by the same server, they are not
only unnecessary; they are, with few exceptions, *unwise*.
We have discussed this here /ad nauseam/. You should learn about a topic
before you comment on it.
> How much internet bandwidth is wasted through the inefficient sending
> of scripts to client machines?
Difficult to say. However, scripts do not *have* to be sent *inefficiently*
to client machines, and there is also “internet bandwidth […]” and “server
machine cycles” “wasted” by unnecessary roundtrips to servers.