Validating the web application on both server side as well as client side

in STEMGeeks3 months ago

Web applications are evolving and some of the web development concepts are also evolving and mostly based on the need of today's world. It is important that every developer should understand the modern best practices and work based on them. If we are building a web application, validation is very important. In most cases, the validations are done only on the client side and server-side validation is ignored unless the data received from the front end is very sensitive. If we are building an application for customers who store sensitive data on a database, it is very important to make sure we accept clean data from the front end.

One of the biggest reasons why we do server-side validation is that people manipulate the backend calls and try to bypass the validation done on the front end and directly provide data to the backend. Even if we have enough validation in place, it is easy to manipulate the calls sent to the backend and provide updated values. It is the responsibility of every user to keep their credentials on their browser safe but if there are fundamental problems in the application on validations, it can be hard to control exploits.



Sometimes it can be painful to do validations for each and every field on the server side. People mostly check if the data is received in the right format and some basic things are sorted but it is important to validate everything in the backend as well and provide feedback to the users then and there and even to the level of each field. This can prevent issues related to data injection and data manipulation. It will also be easier for the developer to avoid issues that would occur because of this in the future.

The next obvious question a developer would usually get is if doing validations directly on the backend is good or if we should have the validation replicated in the front end. This means it is good to call the backend and ask for each and every action or it is okay to replicate all the validations on the front end. I would say for smaller applications with a high-security need, a call to the backend for each and every validation is not a big deal. But for enterprise applications where there are too many fields and too many dependencies on the backend, it can be hard to make calls for each and everything to the backend. A heavy-weight application can have the validation logic implemented two times where one would be on the front end and another would be on the back end. I understand it can be an overhead sometimes but it can save a lot of time for us if the app is supposed to grow in the future.

Client-side validation is also something that developers should not ignore just because we implement logic in the backend. Client-side validation gives a good user experience and should not be skipped on forms that are big or any form for that matter.

If you like what I'm doing on Hive, you can vote me as a witness with the links below.

Vote @balaz as a Hive Witness

Vote @kanibot as a Hive Engine Witness


That's about it a tester's life is difficult as it is. But when the backend validations come into play it is a whole new level of nightmare.
Going through the logs is another painful experience IMO.
But after dealing with the bugs one thing is for sure. If you want the system to work you need to place validation. (Front and Back)

Bang, I did it again... I just rehived your post!
Week 136 of my contest just can now check the winners of the previous week!

some times it is difficult to forecast a problem through a client's eyes!
But we need to


You have received a 1UP from @gwajnberg!

The @oneup-cartel will soon upvote you with:
@bee-curator, @stem-curator, @vyb-curator, @pob-curator, @neoxag-curator, @pal-curator
And they will bring !PIZZA 🍕.

Learn more about our delegation service to earn daily rewards. Join the Cartel on Discord.


I gifted $PIZZA slices here:
@curation-cartel(1/20) tipped @bala41288 (x1)

Join us in Discord!

This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating to @indiaunited. We share 100 % of the curation rewards with the delegators.

Here are some handy links for delegations: 100HP, 250HP, 500HP, 1000HP.

Read our latest announcement post to get more information.


Please contribute to the community by upvoting this comment and posts made by @indiaunited.