« Return to Thread: Field Validation

Re: Field Validation

by Nicolas Petton :: Rate this Message:

Some parts of this message have been removed. Learn more about Nabble's security policy.

I mean that client side validation is dangerous, especially with js code. For example, what if js is disabled on the client web browser? The form will be validated. Try on the website given by Janko, disable js and try it.
This introduces several vulnerabilities.

Nico

2008/3/13, Rob Rothwell <r.j.rothwell@...>:

Do you mean, for example, that I can make sure in an Ajax client that I have a 7 digit account number, but on the server I have to make sure it actually exists before I start trying to look up information about that account?

So...syntactic validation versus data validation?

Rob

On Thu, Mar 13, 2008 at 10:44 AM, Nicolas Petton <petton.nicolas@...> wrote:

Ok, all this could be good, but don't you think that it is more
important to validate on the server side ?The risk here is that people
won't validate on server side, and lots of errors could happen.

Nico
--
Nicolas Petton
http://nico.bioskop.fr
___
ooooooo
OOOOOOOOO
|Smalltalk|
OOOOOOOOO
ooooooo
\ /
[|]
--------------------------------
Ma clé PGP est disponible ici :
http://nico.bioskop.fr/pgp-key.html

_______________________________________________
Aida mailing list
Aida@...
http://lists.aidaweb.si/mailman/listinfo/aida

--
The foolish reject what they see, not what they think; the wise reject what they think, not what they see. -- Huang Po
_______________________________________________
Aida mailing list
Aida@...
http://lists.aidaweb.si/mailman/listinfo/aida

--
Nicolas Petton

http://nico.bioskop.fr
_______________________________________________
Aida mailing list
Aida@...
http://lists.aidaweb.si/mailman/listinfo/aida

« Return to Thread: Field Validation

LightInTheBox - Buy quality products at wholesale price