[java.assembly]

Dear All,
This is question of web developement.
In FireFox there is an add-on like "tamper data".
Using this one can manipulate the post data of the form.
How can we prevent this?
any suggessions..? any idea...?

Regards,
Samir

[Oler1s]

Quote

How can we prevent this?

Uh, you can't? That's why you don't trust the client and data sent by the client...

[dsherohman]

Can't be done. HTTP traffic is just plain text and, even if you could completely lock down every browser in the world, I could still telnet to port 80 and send the server whatever request (with whatever data) I want. No browser required. (Using HTTPS instead of plain HTTP would slow me down ever-so-slightly, because I can't do SSL crypto in my head and would need to find/make an SSL-enabled telnet client first, but it wouldn't stop me.)

Even with undocumented protocols using custom clients, such as, say, multiplayer games, people can reverse-engineer the data format and use that information to write auto-aimers, clients that let them see through walls, and other kinds of cheat-bots. Once you send data to the client, you have no control over what will be done with it, nor do you have any control over what they'll send back to you.

This is why the first rule of networked programming is to never trust what the client sends you. Always check it before you use it and ignore or reject anything that isn't valid.