18

What are my options for using the same JavaScript code to validate both on client side and on server side (Node.js)?

Sebastian Patten
  • 7,157
  • 4
  • 45
  • 51
  • 1
    I ended up writing my own validation. Basically I have a model e.g. Person that has validation on it. This Person model exists both on the client and the server. When a user enters details on my FORM, I populate the Person object and validate it, giving feedback to incorrect fields. Once the form is POSTed back the the server, I re-populate the Person object and re-validate with the values received from the client. If there is an error, I just send it back to the client. This way I can re-use the same model both on client and server, run unit tests and show errors with jquery. – Sebastian Patten Feb 06 '12 at 15:36

2 Answers2

9

Take a look at revalidator. It is described as "A cross-browser / node.js validator used by resourceful and flatiron."

staackuser2
  • 12,172
  • 4
  • 42
  • 40
-15

None, you are validating entirely different criteria on the server-side. Client-side validation is purely user-acceptance criteria and has nothing to do with security. Server-side validation almost exclusively concerned with security.

austincheney
  • 1,097
  • 7
  • 8
  • 11
    I disagree. Ignoring XSS and other injection, I still want to validate that a form field is X characters long and is a post code. Otherwise there would be nothing stopping me going into Firebug and changing the values submitted to the server. And using JavaScript both on the client and on the server would mean code re-use. It would be silly not to. – Sebastian Patten Nov 25 '11 at 22:02
  • XSS and other injection vulnerabilities cannot be ignored, so your point is irrelevant. – austincheney Nov 26 '11 at 12:14
  • I think his point seems valid. I want to verify that an email is an email on both the client and the server without writing the exact same code in the exact same language twice. See this rails gem for an example: https://github.com/bcardarella/client_side_validations – rgbrgb Nov 05 '12 at 20:32
  • 1
    I agree with @Underworld: You want - client-side validation for rapid user feedback and enhanced user interface - server-side validation for e.g. ensuring junk/malicious code doesn't get passed to your database – fatuhoku Mar 05 '13 at 12:05