tags:

views:

57

answers:

3
Q: 

Good reasons not to use client-side validation anymore (in additon to server-side)?

Looking at five or six login sections for various major 'web 2.0' sites, many of them seem to do all the validation server-side.

Can anyone provide any reasons for why none of these use client side validation aswell (i.e. javascript)? A prime example would be checking for empty text boxes when the user clicks 'login' and popping up an alert('Please enter your password and try again')).

Im aware it is easily circumvented/disabled, so for security reasons is pointless.

+2  A: 

There's no good reason not to use that kind of check. Saving your users time and frustration is a Good ThingTM.

Better yet, instead of a popup, disable the Login button (from JavaScript, not in the HTML itself, to make it degrade gracefully). Enable it only if a username and password are filled in, and display a helpful message that explains why the button is disabled. This could be as simple as the grey text "Enter your password" in the Password box.

Thomas  2010-07-05 11:16:00
Hmm, this doesn't answer the question at all, does it...
Thomas  2010-07-05 11:17:37
+1 for "instead of a popup". I hate popups.
sarnold  2010-07-05 11:17:38
+1  A: 

Personally, I always try to use both, but I can think of two reasons not to use Client-side validation.

  1. javascript not enabled on client
    side, therefore not possible... It's perfectly possible to trap whether js is enabled or not, and degrade nicely; but it is easier simply to
    code for the lowest-common
    client-side denominator simply assuming that client-side validation is not possible.
  2. Client performance. It's faster to simply
    submit the form than it is to
    validate then submit the form. It
    lacks the immediacy of cs validation if there are any errors to report,
    but is faster if there are no errors.
Mark Baker  2010-07-05 11:17:42
As to 1: With some thought (see also my post), no additional detection code is needed at all. Just consider the JavaScript as an optional add-on, and don't modify the existing form code.
Thomas  2010-07-05 11:19:35
As to 2: Submitting is usually a lot slower than running some simple checks. Even on a local network, I think this will usually be the case. A simple "is this field filled in" check will not take more than a millisecond.
Thomas  2010-07-05 11:20:39
:) I didn't say I agreed with them... but server-side-checking should always be done, so a submit/server-side-check will always be faster than a client-side-check/submit/server-side-check... if there are no errors.If there are errors, then you have the benefit of client-side-checking to trap and demand that they're fixed before the submit... that's the benefit of using both validations; but a lazy designer/developer might decide to skip the client-side validation for the sake of a few milliseconds of performance if 95 times out of 100 there were no errors
Mark Baker  2010-07-05 11:33:18
A: 

'cause it's pain in the *ss to write JS validation code ? :D just leaving the room

Maskime  2010-07-05 12:14:30

related questions

Would you override ScriptControl or BaseValidator for an async ASP.NET validator control?
Handling HttpRequestValidationException gracefully and ASP.net AJAX compatible?
How to Dynamically Generate String Validation?
Validate email address in Javascript?
Data Validation Design Patterns
Strong Validation in WPF
How to evaluate an IP?
Validating a HUGE XML file
Validate (X)HTML in Python
ValidationRule To Enforce Unique Name
Checking if userinput is a valid URI in XUL
XML Parser Validation Report
Email SMTP validator
MVC - where to implement form validation (server-side)?
How do you remove invalid hexadecimal characters from an XML-based data source prior to constructing an XmlReader or XPathDocument that uses the data?
How to check set of files conform to a naming scheme
What's the best way to implement field validation using ASP.NET MVC?
How do I validate xml against a DTD file in Python
What's the best way to validate an XML file against an XSD file?
Problem databinding an ASP.Net AJAX toolkit MaskedEditExtender
Validating posted form data in the ASP.NET MVC framework
Best method for varchar date validation in Sybase (T-SQL)?
How important is W3C XHTML/CSS validation when finalizing work?
How far should one take e-mail address validation?
ASP .Net Custom Client-Side Validation