using js validation on php server side, is secure?

Question

I would ask about using javascript function on server side for validation, are is true, secure and truth way ?

I see a website was development like this .. when user post data, php file was call a javascript function and check if valid or no .. so im ask about it.

I think its not secure, for many of cases like XSS, if Im true, can you give me some of issue for this procedure.

thanks a lot.

"php file was call a javascript function" — Do you really mean that? Or do you mean "PHP will send an HTML file to the browser and ask the browser to run some JS"? — Quentin, Jun 09 '14 at 09:41
Javascript is a client side language, and besides that javascript can be disabled in the browser — gbestard, Jun 09 '14 at 09:41
@gbestard — [server side js](http://en.wikipedia.org/wiki/Comparison_of_server-side_JavaScript_solutions) — Quentin, Jun 09 '14 at 09:42

score 2 · Accepted Answer · answered Jun 09 '14 at 09:45

2

Since you clarified that you mean server side JS:

There are no inherit insecurities when performing input validation on the server, even if you pass the data from one server side program (which could be written in PHP) to another server side program (which could be written in JavaScript).

That does, however, add complexity and complexity is opportunity for bugs to slip in.

answered Jun 09 '14 at 09:45

Quentin

914,110
126
1,211
1,335

thank you, thats surly what I mean, if i can ask aout it too, why a programmer needed to use this procedure, or when ? – Anees Hikmat Abu Hmiad Jun 09 '14 at 09:49
The usual reason for passing data to a program written in another language is to avoid having to rewrite code that already exists in a different language. – Quentin Jun 09 '14 at 09:53
thank you very much Quentin, Im sorry if Im ask a bad question, but you give a nice info – Anees Hikmat Abu Hmiad Jun 09 '14 at 09:55

using js validation on php server side, is secure?

1 Answers1