The Markowitz HACKED the (my) system!

Did I mention that I’m working with a well-known hacker?
Well, it’s about time, so I present to you – Amir Markowitz, aka “The Hacker”.


Amir taught me today how to send JavaScript commands directly through the address bar!
Look at the “damage” he did to my site!


[Image: redbackground1.gif]


As you can see, he managed to change the background color in one simple command.


Think about changing the Page_IsValid property or calling __doPostBack("", "") through the address bar:


javascript:void(Page_IsValid=true); __doPostBack("","");


This could be deadly if you don’t perform server-side validation as well!
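
The server-side half of that warning, as an added example (not code from the original post): an ASP.NET code-behind class that re-runs validation on the server, so forcing Page_IsValid=true in the browser changes nothing. The page class, control names and e-mail rule are assumptions made for illustration.

```csharp
// Added example: code-behind for a hypothetical Register.aspx page.
using System;
using System.Text.RegularExpressions;
using System.Web.UI;
using System.Web.UI.WebControls;

public class Register : Page
{
    // Assumed controls from the .aspx markup (names are hypothetical).
    protected TextBox EmailBox;
    protected Label StatusLabel;

    // Wired to a CustomValidator with
    // OnServerValidate="EmailValidator_ServerValidate".
    // This runs on the server, whatever the browser set Page_IsValid to.
    // Empty input is left to a RequiredFieldValidator on the same field.
    protected void EmailValidator_ServerValidate(object source,
                                                 ServerValidateEventArgs args)
    {
        string value = (args.Value ?? string.Empty).Trim();
        args.IsValid = value.Length <= 254 &&
            Regex.IsMatch(value, @"^[^@\s]+@[^@\s]+\.[^@\s]+$");
    }

    protected void SubmitButton_Click(object sender, EventArgs e)
    {
        // Call Validate() explicitly: a postback that names no validating
        // control does not trigger it automatically, and reading IsValid
        // before validation has run throws an exception.
        Page.Validate();

        if (!Page.IsValid)
        {
            // Client-side checks were skipped or overridden; refuse to act.
            StatusLabel.Text = "Please correct the form and try again.";
            return;
        }

        // Only reached when every server-side validator passed.
        string email = EmailBox.Text.Trim();
        StatusLabel.Text = "Registered " + Server.HtmlEncode(email);
    }
}
```

The same Page.Validate() / Page.IsValid check belongs in any Page_Load code that acts on IsPostBack, since a forced postback may not raise the button's click event at all.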



Oren Ellenbogen