Just like the title says.. Should I make sure all values are valid before allowing the form to be submitted to the backend?
Asked
Active
Viewed 2.8k times
21
-
11Ideally, both. If it's one or the other, back end. – Jonnix May 27 '16 at 21:08
2 Answers
66
Front-end validation (javascript) can easily be bypassed. It should only be used to improve the "user experience" - by providing instant feedback. It also reduces the load on the server.
Back-end validation is a MUST. It has to ensure that the data coming in is indeed valid. Additionally, depending on your architecture, you generally re-use your middle-tier business logic amongst multiple components so you need to ensure the rules that are applied are always consistent - regardless of what the front-end logic enforces.
V33R
- 909
- 8
- 10
25
Frontend validation can easily be tricked. You should always check the data in the backend. So, while providing frontend validation is nice in concerns of usability, it's totally not neccessary.
Backend validation on the other hand is and it's the only way to have sane data.
Marc Dix
- 1,864
- 15
- 29