To what extent should I rely on client-side validation?

Question

To what extent should I rely on client-side validation?

I have a long form that heavily uses client-side validation (written in jQuery). To prevent users with JavaScript disabled from submitting the form, I included a hidden field that is populated with javascript_enabled jQuery. If JS is disabled in the browser, then the file remains empty and the form will not be submitted.

The question is, is this enough, and should I feel safe, or do I also need to enable server-side validation for each field?

+3

javascript validation

Eleeist May 05 '12 at 9:54

source share

4 answers

? . . UX.

.

+6

Joseph 05 '12 9:56

, .

( ).
. ( JavaScript, HTTP, , , CURL)

( )
, XSS SQL Injection. ( )

,

WebSocket , . WebSockets () , , , . , !

+4

Jack 05 '12 10:17

share

Verification on the server side is mandatory, verification on the client side should do as much as practically without the overhead of a trip to the server.

0

Tony hopkinson May 05 '12 at 10:01

source share

Denys Séguret · Accepted Answer · 2012-05-05T09:56:11+0000

No. Client-side verification is available only for the convenience of the user, and not to protect your server.

.

, .

To what extent should I rely on client-side validation?

,

More articles: