Are all scripts safe?


#1

Hello All,
I have a general question here..
There are various sites which offers ready made scripts to fit into users requirement. Is it safe to download and use them in our projects directly.
I have downloaded content from http://www.menucool.com/.


#2

I think most (if not all) sites that provide independently written scripts have disqualifying statements indicating that the site owner cannot be held responsible if a script written by someone does damage. That's pretty much standard operating procedure.

That said, it really comes down to the reputation of the site in question. I've never been to menucool, so can't speak as to reliability or safety. I'd do what you're doing - asking around to get feedback on a particular site. smile

V/r,

^_^


#4

JavaScript can't do any actual damage to your site (unless it calls the server in which case the script would have server side components as well).

Not all JavaScript is created equal though and badly written scripts (of which there are lots as many people are still writing their scripts the way JavaScript used to be written for Netscape 2) can break the functioning of your web page.

A good indicator of a well written script is that the entire script is in a separate file that can be attached at the bottom of your page and will only require the insertion of one or more ids and classes into the HTML in order for it to work.


#5

If you're going to use an external script/library/framework, there are security implications to consider, especially if any of it sends data back to the server (ajax calls, form posts, etc). This applies to any code you're using, not just JS. Make sure you keep up to date with any external code you're using (typically new versions come with performance and security improvements).


#6

is server side components means scripts written in php etc inside the Javascript?


#7

no - they'd be separate files called FROM the JavaScript


#8

Ok... you mean call from Ajax.. My current JavaScript didn't have any call to database or something else.. Thanks or letting me know this important point..


#9

Depends on what you mean by Ajax. If you mean any of the four methods of accessing the server from JavaScript then yes. If you specifically mean using XMLHttpRequest then no as it could also be any of the other three.

For example the heartbeat script at http://javascriptexample.net/ajax09.phpuses an image to pass the information from JavaScript to the server.


#10

Nothing on link, a broken one..
I am also getting image from database inside the slider but not through the same javascript function.


#11

Sorry. I have fixed it now.


#12