For a back office application which is going to be used in house and users trained to use it, does it make sense to have browser side validation. After training users will seldom make mistakes. These mistakes would get caught at the server side. Also bearing in mind that the bandwidth availability is a lesser concern I feel we should avoid browser side validations. This will save the effort of maintaining the same functionality at two places.
For a back office application which is going to be used in house and users trained to use it, does it make sense to have browser side validation. After training users will seldom make mistakes. These mistakes would get caught at the server side. Also bearing in mind that the bandwidth availability is a lesser concern I feel we should avoid browser side validations. This will save the effort of maintaining the same functionality at two places.
Share edited Jun 1, 2010 at 8:03 Ryan Fernandes 8,5167 gold badges38 silver badges54 bronze badges asked Jun 1, 2010 at 7:51 RajuRaju 4155 silver badges8 bronze badges 2- 5 if you're going to do a lot of validation, you can save the effort by abstracting the functionality into some sort of ValidatingForm class that both validates at serverside and generates clientside JS to do the same validation. – Stefan Monov Commented Jun 1, 2010 at 7:58
- 1 What server-side technology are you using? – Richard Ev Commented Jun 1, 2010 at 7:59
8 Answers
Reset to default 6You always need the server-side validation.
As far as the client-side validation goes, not only does it save traffic but it also improves usability (immediate response, no round-trip to server). It is optional though.
You can minimize efforts for keeping two functionalities in sync by defining some constants in one place and injecting them into your JavaScript. That would work nice for such things as the input limit on textboxes, for example.
First deploy your application without client-side validation. Then observe your users to decide whether the effort of adding client-side validation would be worth the benefit.
Even with expert users on a fast network, client-side validation can make the application just that little bit faster and more pleasant to use.
In Java you can use libraries such as Spring Modules Validation. You specify your validation rules in your Java code using annotations, and the library generates JavaScript for client-side validation and Java for server-side. Neat. The original project has been forked and is now under development again.
Given the circumstances you describe, I'd tend to agree: the benefits of client-side validation don't seem to weigh heavily in your case. Just make sure that the server-side validation results in useful error messages and the form contents are not lost.
Client-side validation isn't just about bandwidth, it's also about user experience. Even expert users still slip-up when using an application, so I'd consider it mandatory for any modern web app.
I would argue that since you have serverside validation and your target audience is limited this could be an ok solution.
If the serversidevalidation gives you some decent error-messages that is displayed to a user, this seems acceptable to me.
If you're going to want to use your app from home to check on some work-related issues, bandwidth might still be a problem. Also, what's the point in sending potentially invalid data to the server, if you could check on it right away?
Think we need to look back at why we need server side validation, besides ensuring that the data is valid while we are writing it, we also need to do proper encoding to ensure that the user is not inserting any malicious inputs that might cause things like sql injection, Cross Site Request Forgery or Cross Site Scripting. U never know when your users might try to do something funny.
The main point of client side validation is mainly user experience, is the user experience important? If the app is going to be use quite frequently, it might be worthwhile to build in the validation. Save the user some effort is typing in wrong data and waiting for the page to e back. Sometimes as developers we don't really put too much effort into making the program usable, we tend to look at it from a functional perspective.
Of course if time is a constraint, server side validation is a must have.
Browser Side Validation oftenly called as CLIENT SIDE VALIDATION. for any application it's always good to have a client id's validations.
Following are the example of the validations you can check on client side
1] Mandatory Fields
2] Field Formatting (only numbers are allowed, special character are not allowed)
&
Following are the example of the validations you can't (or shouldn't) check on client side
1] Username uniqueness
2]
NOTE:- It's always good practise to create an application with Both Client Side & Server Side Validations. You should write a code for server side validation though you apply a client side validations because it may possible that user can disable a Browser's Javascript.