Last updated 26 July 2015. Created on 15 February 2007.
Edited by a.milkovsky, Heine. Log in to edit this page.

[This section is under construction].

A few general guidelines:

  • Do not rely on JavaScript for validation; users can disable JavaScript.
  • Do not assume that data sent to AJAX postback functions is sent by your JavaScript function.
  • Do not assume that data sent to or by a JavaScript function cannot be observed by the user.
  • Beware that certain DOM functions decode HTML entities. Do not reinsert those into a page without escaping.

Looking for support? Visit the forums, or join #drupal-support in IRC.