0

I am wondering if it is necessary to validate data with javascript before submiting a form. If someone wants to be clever, he can disable javascript in a browser so it becomes useless. How do you think? Is server-side validation sufficient?

Artek
  • 57
  • 7
  • It should be validated at both frontend ( only some of the values which has some rules to be valid or pattern to followed is necessary ) and backend ( all the values ), – Code Maniac Aug 18 '19 at 12:36
  • Client-side validation is for convenience only. – RobG Aug 18 '19 at 12:39
  • 1
    @RobG it also reduces server load by filtering out data transfers that do not meet to requirements. In this way the server does not need to process those. – SomeDutchGuy Aug 18 '19 at 12:43

3 Answers3

1

Server-side validation is necessary but not sufficient. client-side validation helps to reduce invalid requests to the server and help the user to get it right sooner and easier.

Amin Bashiri
  • 198
  • 1
  • 2
  • 16
1

It depends on what your goal is.

Server side validation is mostly done to prevent unwanted data to be processed by your server.

Client side validation is often done to provide a better user experience and reduce the amount of invalid data transfers to the server.

Both have a completely different goal in mind. The first is aimed at security and the second at user experience.

SomeDutchGuy
  • 2,249
  • 4
  • 16
  • 42
0

Never trust data passed to your server from the client. Even if your form is validating correctly and preventing malformed input, a malicious user can still alter the network request.

  • from MDN and any decent programing site out there...
A. Meshu
  • 4,053
  • 2
  • 20
  • 34