MicrosoftPieter_Cooreman, iisboy Absolutely agree. ASP is interpreted server-side and returns an output composed of HTML, CSS, and JS. If the server-side developer handles the received data properly, ASP is as secure as PHP, Python, or any other language.
PHP, as old as ASP, had the advantage of continuing to evolve with newer versions deemed more secure, simply because it comes with ready-made classes, methods, and functions for handling and sanitizing data. However, ASP developers are more skilled, as they created these functions themselves, making their code unassailable.
Many years ago, Microsoft, with Visual Basic for Client-Server and ASP for the Web, boasted the largest developer community, with over 10 million developers. For market reasons, Microsoft decided to abandon these languages and transition to .NET, losing many developers in the process. Some remained on ASP, some moved to .NET, but many got lost between Java, PHP, and other languages.
Even if we start today, there is still time to migrate some products and/or services to other languages, but some CRMs, software, applications, and management systems cannot be migrated due to their operational needs, complexity, and costs. What we are asking for is to keep ASP with VBScript functional.
