A few general guidelines for JavaScript and Ajax Jquery with Drupal: 1)Do not rely on JavaScript for validation; users can disable JavaScript. 2)Do not assume that data sent to AJAX postback functions is sent by your JavaScript function. 3)Do not assume that data sent to or by a JavaScript function cannot be observed by the user. 4)Beware that certain DOM functions decode HTML entities. Do not reinsert those into a page without escaping.