javascript security

[crmamx]

I have a site designed with 3 frames: top=messages, left=navigation and right=content. All my programs use <base target="content"> so I never open a new window except to link to an outside site.

 

I have a simple password.html program written in javascript and the password is embedded in the program for comparison. I read where this is like no security at all. But no matter what program is displaying on the content.html frame, if you do a view/source from the browser, you always see the same thing, that is the frameset code.

 

So I am wondering where the security issue is.

 

Thanks

[Pikachu2000]

If you right-click in the frame, you can select "view frame source" in most browsers. If a value is sent to the client machine, there's a way for the user to get that value, I assure you.

[crmamx]

Oh my gosh! There it is for the whole world to see.

 

Will I ever learn all there is to learn? You people are killing me....haha  I am struggling to program adds/changes/deletions to my db and now I have to go study server side validation.

 

One further question. All they would see in the protected area are names, phone numbers and email addresses and for sale/swap. Are there really people out there that look for this to spam emails?

 

 

[Pikachu2000]

Oh yes. Without a doubt. There are entire industries devoted to harvesting unprotected email addresses so they can sell them or use them to generate spam.

[crmamx]

I appreciate you insight and time.