Home > Articles > Web Development > HTML/CSS

  • Print
  • + Share This
Like this article? We recommend

Like this article? We recommend

Capabilities and Limitations of Client-Side Scripting

Client-side scripts execute in the Web browser under strictly enforced rules designed to protect the user's system from malicious code. Client-side scripts can control most browser behavior and manipulate most HTML document elements.

Client-side scripts are often used for navigation and to enrich and customize the user experience. Web developers extend the look and feel of the standard application by associating a script with a document element in such a way that the script executes in response to user interaction with the element. For example, a common user interface feature is an image that changes when the mouse cursor moves over it. Although the specifics of how the technology works will be deferred until a later article, Listing 1 illustrates one way that this functionality can be implemented using a client-side script.

Listing 1: Image Change on Mouse Hover

<script language="JavaScript">
 /* Preload images for responsiveness */
 var onImg = new Image(24, 22);
 onImg.src = "on.bmp";
 var offImg = new Image(24, 22);
 offImg.src = "off.bmp";

 /* Called on MouseOver */
 function turnOn(image) {
  document[image].src = onImg.src;

 /* Called on MouseOut */
 function turnOff(image) {
  document[image].src = offImg.src;
 <img id="TestImg" name="TestImg" src="off.bmp" 
    onMouseOver="turnOn(this.id);"  <!-- Display "On" Image -->
    onMouseOut="turnOff(this.id);"> <!-- Display "Off" Image -->

The entire user experience can be customized in this way. For example, the graphical user interface could be generated entirely by one or more scripts that evaluate the current state of the system at runtime and manage the display accordingly.

Like any technology, the value of client-side scripting is a trade-off between its pros and cons. Client-side scripts are great for tasks such as validating user input before sending it to the server, displaying messages to the user, and maintaining system state on the client. However, in the interest of safety, client-side scripts are precluded from implementing certain features. For example, client-side scripts cannot carry out file I/O or access a database. In addition, their nature as plain-text elements in the HTML document means that anyone who can load the document can readily examine the client-side script code. It is very difficult to hide the programming logic from the user, which raises serious concerns about protecting intellectual property. When all is said and done, however, the strengths of client-side scripting outweigh the weaknesses. Client-side scripts are a vital part of modern Web applications.

The next article in this series will continue our discussion of client-side scripting with a look at its constituent elements. Then, in future articles, we will review the major choices of programming language for client-side scripts and conclude with a set of recommended coding practices.

  • + Share This
  • 🔖 Save To Your Account