[jiggy2011]

This is an interesting point and I wonder where the line would be drawn.

As an example I remember years ago when people say fit to create "secure areas" in websites by using a JS username/password prompt which meant that you could easily bypass this by viewing the source.

Now at the point you have done that perhaps you have knowingly done something to bypass the security.

Question is, what happens if you had JS disabled in your browser (or were using a browser that did not support it) which would be something you are clearly within your rights to do and therefor had no idea that such a security mechanicism was in place anyway?