Don’t think that escaping your JavaScript is secure.

Posted by Brad | Posted in Coding | Posted on 11-07-2011

A very long time ago I put together some JavaScript samples on my original site that over the years have attracted literally hundreds of thousands of visitors. Two of the most popular pages by far are the ones about JavaScript checkbox validation and the JavaScript login page…

Believe me, I would no longer consider this worthwhile content but for the traffic the pages bring… I just can’t seem to find the time to update the pages. The one about the checkboxes will literally draw 9000 unique visitors every month; I think it’s due to perhaps some powerful ranking sites giving me a linkback years ago, when that sort of thing counted more.

I also put in place a little form collection capture on the homepage of my site, which was also the target URL of the login form… Yep, beginner webmasters who thought that a plain-text username/password in a super simple bit of JavaScript would secure their site had been happily posting me not only the URL where they hosted the script (as the referrer), but also a good idea, if not the absolute answer, of what they had chosen for the login to their site to be.

Today I went through the logs to see if there are many beginner webbos out there nowadays, and I see someone has used an escape function to hide the login script. But of course in a few seconds you can find an unescape tool to crack the encoding… piece of cake, and only slightly more than totally insecure.

So please, when making a site, do your authentication on the server. This is 2011 after all, and you never know who is snooping.

I wonder why, for almost a decade now with no effort on my part, http://www.netevolution.co.uk/scripts.asp?ID=25 comes up as a top 5 result in the SERPs for seemingly any permutation of “javascript checkbox validation”.