CODEWITHSUNDEEP
asp.net
Surya sasidhar
Surya sasidhar

Reputation: 30303

Validation in ASP.NET

What's the best way to validate controls, client-side JavaScript validation or server-side validation?

Upvotes: 2

Views: 295

Answers (4)

Chris Fulstow
Chris Fulstow

Reputation: 41872

Both. Client-side for quick feedback to the user without needing to postback. Then again on the server-side, because client-side validation is easily bypassed.

Upvotes: 1

Oded
Oded

Reputation: 498904

The .NET validators work both client side and server side.

This is best practice, as you want the responsiveness of the client side, but the security of the server side (as you should never trust the client - always validate on the server as well).

For example - with tools like firebug, javascript may be active, but the script can be easily tampered with (so it "passes" validation on the client, even if it shouldn't). Your server side code is not exposed to the client, so you should always also validate on the server side.

Upvotes: 7

ACP
ACP

Reputation: 35268

As others have said, you should do both. Here's why:

Client Side

You want to validate input on the client side first because you can give better feedback to the average user. For example, if they enter an invalid email address and move to the next field, you can show an error message immediately. That way the user can correct every field before they submit the form.

If you only validate on the server, they have to submit the form, get an error message, and try to hunt down the problem.

Server Side

You want to validate on the server side because you can protect against the malicious user, who will probably know how to bypass your JavaScript and submit dangerous input to the server. The server should never trust input from the user, no matter what validation you've tried to do on the client side.

Server side validation is also important for compatibility - not all users will have JavaScript enabled.

Source JavaScript ClientSide vs. ServerSide Validation

Upvotes: 9

tagtraeumer
tagtraeumer

Reputation: 1491

both javascript validation helps you to save serverside traffic and the user doesn't have to wait, because he gets immediate feedback. but users can deactivate javascript, so you need serverside validation as a backup.

Upvotes: 1

Related Questions