Reputation: 651
Disable form validation in browser
I'm coding on a website with forms and use HTML5 validation - no rocket science so far. Everything works fine for me in Google Chrome, but I want to get sure that even a IE 6 user with no formvalidation does not insert malformed data into my MYSQL database.
Is there any way to turn off the HTML5 form validation in Google Chrome or some other state-of-the-art browser to test the serverside data validation?
Upvotes: 17
Views: 51457
Answers (5)
Reputation: 1990
It now requires novalidate="novalidate" as below:
<Form novalidate="novalidate" onSubmit={this.handleSaveFormSubmit}>
Just novalidate no longer works, and Chrome displays "Please fill out this field"
Upvotes: 2
Reputation: 4332
Unfortunately, the accepted answer doesn't work anymore since it was introduced in case the form validation was buggy (see removal requests).
Luckily, there is a chrome extension that does that for us for every page: Auto remove HTML5 form validation .
I'm not the author of this plugin and I cannot guarantee you that it doesn't do anything it isn't supposed to. The source code is very short, though (about 5 lines).
Upvotes: 0
Reputation: 10569
This Chrome extension allows you to disable Chrome's built in HTML validation
HTML5 Form validation errors remover
Upvotes: 2
Reputation: 22710
To disable validation in HTML5 use
<form method="post" action="/foo" novalidate>...</form>
Refer this question for more details.I think Junit can also help to test server side validations.
Use parameterized query to gain more security. (If SQL query is formed using user input).
EDIT :
You can set it in About:flags
Steps:
1. On your Google Chrome address bar, type “about:flags” (without the quote) and press Enter.
2.Scroll down the list until you see the option “Disable HTML5 interactive form validation”.
3.Click the enable link.
Check : http://wikibin.org/articles/google-chrome-about-and-chrome-urls.html
EDIT 2 :
Just came to know that About:flags is depreciated use Use chrome://flags instead. Thanks @Max.
Upvotes: 57
Reputation: 114367
You should absolutely be validating on the server if you are building any SQL strings.
In the client you should be able to fall-back to JavaScript-based validation, but that's no protection. Do it on the server as well.
Upvotes: -4
Related Questions
- Disable validation of HTML form elements
- IE - How to disable validation detection from input after submitting the form?
- formvalidation.io disable validation for entire form
- Overwrite default browser form validation
- How to prevent form submission while using HTML5 client-side form validation in Opera 11?
- Find and disable unwanted form validation
- Avoid browsers default behavior required inputs
- Use form validation javascript only when browser can not validate form
- How to prevent the default browser input validation?
- Disable validation of HTML5 elements NOT in Form