Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Server - side validation #32

Open
Dragomirc opened this issue Apr 13, 2018 · 0 comments
Open

Server - side validation #32

Dragomirc opened this issue Apr 13, 2018 · 0 comments

Comments

@Dragomirc
Copy link

Dragomirc commented Apr 13, 2018

User can modify the validation javascript locally (save the page and do anything with it) or javascript can be turned off in browser. So in this case client-side validation is useless. Hence, you should verify on server too

Client side validation is a plus, but You MUST use server side validation as well, because when you're accepting user information, you should always treat is as "hostile". If that data also gets fed into a database, ssv is your last line of defense because you don't want junk or invalid data in your database.

Client side validation is not bullet proof(javascript might be disabled), and therefore if something gets validated on client side, that doesn't mean it'll be valid when it arrives to your server.

Forgot to mention that you can reuse your logic from the clientside validation for your server side validation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant