 The student in this module, we will look at how people hack using the limitations of JavaScript, how hacking is performed. This course is not about hacking. I will only give you a very small idea about what can happen. Now if the programmers think and they assume that whatever goes into the web server is validated, is sanitized, this is far from the truth, that is not going to happen. People will always find ways of circumventing the validation which is implemented at the client side using JavaScript. So what is the purpose of JavaScript? The purpose of JavaScript at the client side when enabled is pre-validation. That is it, pre-validation. The actual validation has to take place at the server end, otherwise things can happen which are undesirable and which can create a lot of embarrassing situations also to say the least. So what is the module coverage? Here it is. We will look at a simple catalog order system. I will show you how it works very very briefly, show you the JavaScript and show you what will happen when the JavaScript is enabled and when it is disabled and of course very brief analysis and conclusion. This course is not about hacking. So this is the screen of a catalog order system and you can see that the grass is good, green, there are less weeds, there are less weeds and the owner of this lawn is selling the weeds. Since the weeds are very less, so they are highly priced, $100 per blade of the weed and here you enter the number of leaves, this is not a hashtag and then you click over here and place the order. So this is the scenario over here and the JavaScript which is corresponding to this code is over here, catalog order code, it has the JavaScript and it has the validation also to check how many leaves are ordered. Now let's see what happens. So over here, the person, the JavaScript is enabled, the person enters the number of leaves, okay, leaves is equal to three and the price is correctly shown as $300 because it is $100 per leaf, per leaf of the weed, okay, right. Now over here, the JavaScript is still enabled and the number of leaves from three, okay, over here it is changed to four. So I have this error message over here, okay, unit three, okay, this is only allowed. So JavaScript is enabled. Now what happens is that somebody, okay, what we can do is they disable the JavaScript and then they enter a large number of the weeds. So you see leaves over here, there is a big number over here, right and this will go to the database server. This will go to the database server and it will create all sorts of problems. Why this happened because this person over here disabled the JavaScript, disabled the JavaScript, there was no pre-veridation, okay, there was no pre-veridation and it went directly and what is the problem, the problem is that a person who is selling the weed does not have that required number of leaves of the weeds to sell and that creates a very, you have to say embarrassing situation and how that person is going to provide cannot provide, right. So what has happened, so what has happened over here is that something which was unexpected which was naive to assume that people have not disabled their JavaScript and people do worse over here. They actually change the price of the items, so if the item is like a thousand dollars they can make it a hundred dollars and they can use those extensions with passing from the page to the server, like put and get, okay and then they can create all sorts of problems. Why? Because the JavaScript was disabled and it was wrongly assumed that it will not be disabled. Now can't force people to turn on their JavaScript, it's the people's own choice and it is very difficult, very difficult to ensure all the time, hundred percent of the time that the JavaScript is enabled or disabled while a person is placing an order at you, at the client side, enabled or disabled. It cannot be ensured, so what is the solution? The only solution is that validate at the server end, so what is the purpose of JavaScript? The purpose of JavaScript is pre-validation, add the client and that's about it. Don't make wrong assumptions, otherwise you will be in problem, that is all for you in this module. Thank you very much.