Tham khảo sách 'javascript bible_ chapter 40', công nghệ thông tin, kỹ thuật lập trình phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | Security and Signed Scripts The paranoia levels about potential threats to security and privacy on the Internet are at an all-time high. As more people rely on e-mail and Web site content for their daily lives and transactions the fears will only increase for the foreseeable future an indeterminate number of Web WeeAs . As a jokester might say though I may be paranoid but how do I know someone really isn t out to get me The answer to that question is that you don t know and such a person may be out there. But Web software developers are doing their darnedest to put up roadblocks to those persons out to get you hence the many levels of security that pervade browsers such as Navigator. Unfortunately these roadblocks also get in the way of scripters who have completely honest intentions. Designing a Web site around these barriers is one of the greatest challenges that many scripters face. Battening Down the Hatches When Navigator 2 first shipped to the world way back in February 1996 it was the first browser released to include support for Java applets and scripting two entirely different but often confused technologies. It didn t take long for clever programmers in the Internet community to find the ways in which one or the other technology provided inadvertent access to client computer information such as reading file directories and Web surfer activities such as histories of where you ve been on the Net and even the passwords you may have entered to access secure sites . JavaScript in particular was the avenue that many of these programmers used to steal such information from Web site visitors browsers. The sad part is that the same features that provide the access to the information were intentionally made a part of the initial language to aid scripters who would put those features to beneficial use in controlled environments such as intranets. But out in the Wild Wide Web a scripter could capture a visitor s e-mail address by having the site s home page .