We (as new hires) had to add a fallback logic for input validation on every input element using only JSP and Spring controllers just because the client still uses IE6 and fucking disables Javascript!!

  • 14
    Input validation should always be performed server-si​de! You can have it client-side as well to provide instant feedback without reloading, but user input cannot ever be trusted without validation and sanitization on the server.
  • 0
  • 1
    No problem right ? You need the server side validation anyways.
  • 0
    @g-m-f Not if you supply proper validation measages that clearly indicate whats wrong.
  • 0
    @g-m-f Of course. Instant feedback is good design!
Add Comment