Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It’s a major security/privacy issue, you don’t want to tell world+dog all registered users, especially since that’s typically an email address.

Huge, huge, massive “no no”.

Likewise you still have to do sever side validation as any client side code can be modified, or you can just send payloads directly to the server. IMHO client side form validation is dangerous as it gives a false sense of security.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: