W3C home > Mailing lists > Public > w3c-wai-ig@w3.org > October to December 2003

Re: Remote Scripting -- Compliant with 508 and WCAG?

From: David Woolley <david@djwhome.demon.co.uk>
Date: Fri, 5 Dec 2003 22:48:02 +0000 (GMT)
Message-Id: <200312052248.hB5Mm2802553@djwhome.demon.co.uk>
To: w3c-wai-ig@w3.org

> Many of the Web applications that we build are conversions of
> Client/Server apps to Web apps. The biggest issue that we have to deal

If you mean Web applications, then you should not rely on scripting.

If you mean Internet Explorer thin client applications running on
a LAN or Virtual Private Network and the PCs and Assistive Technology
are given to users by the company using the application, I don't
see any great problem.

If there is any intention to have non-VPN access from off the LAN, you
should advise them of the security risks (currently IE has known exploits
which can only be blocked by disabling scripting until the next monthly
update cycle) and suggest that they make the site an SSL site, and
provide the hardware (so that home users don't have to configure their
own machines to suit the office) with it configured to require SSL 
for the trusted security zone and with the application server in that
zone.

Note that Microsoft's position seems to be that for what you are trying
to do, IE thin client solutions are wrong, and you should be thinking
in terms of .NET with more intelligence running client side.  That way
you are not fighting technology that is not designed for highly interactive
use.

Your main concern in using anything other than generic HTML is that you
may get caught out by special needs of a new staff member that may 
require a major rewrite.
Received on Saturday, 6 December 2003 03:38:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 19 July 2011 18:14:13 GMT