How to keep checks on the client side and checks on the server side in sync?

Typically, when writing a web application, we want to perform validation both on the client side, to offer immediate feedback, and on the server side, to ensure data integrity and security. However, client-side browser applications are usually written in JavaScript. The server side can be written in Java, PHP, Ruby, Python and many other languages. When the server side is backed by something like Node.js, it is very easy to reuse the same verification code on both the client and the server, but if the server side is based on Rails or Django (or any other framework you can name), what is the best way to make sure the verification code is kept in sync? It seems a little redundant to reimplement the same code in multiple languages.

+4
source share
2 answers

If you remember the following, it might seem that you can duplicate some of the checks.

Allow verification in two parts. A) Business confirmation, for example: "The amount in field X must be greater than $500 if flag "Y" is marked". B) Basic data checks, for example: data type checks, null checks, etc. (We can discuss that each audit is a business audit, but this is purely contextual.)

Category A: This is part of your business logic and should only be stored on the server side.

Category B: Validations of this type are potential candidates to be placed on the client side. But keep in mind that browser validation can be bypassed. This does not mean that you should not have validation on the browser side at all, but such checks should only be considered as a bonus to save the network transition from the server. The server must re-run these checks.

In a nutshell, validation should not be considered as a unit of reusable code at different levels. Their purpose varies and should provide redundancy.

Hope this helps.

+2
source

From the projects I saw there are three general strategies:

  • Completely duplicate checks on the client side and on the server side. This will require two different codebases for the javascript and java / C# / ruby interfaces. You will have to manually maintain the synchronization logic.

  • Perform minimal client-side validation. Check only very simple material. Verify that the server side has performed a full check. Ask the server side to pass some kind of validation object for the client and ask the client logic to translate this into user interface messages (error messages, red borders, etc.). The ASP.NET MVC framework is roughly an example of this model.

  • Use ajax to do checks on your server side when the user modifies or leaves each control. This can provide all of your server-side validation and reduce the wait time for user feedback, but can significantly increase server-side traffic.

In my experience, option 1 is usually less of a pain point than maintaining additional code and the complexity required for options 2 and 3.

0
source
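An added example, not code from either answer: it combines the first answer's split (business rule kept on the server, basic data checks re-run there) with the second answer's strategy 2, where the server returns a validation object and the client only translates it into UI messages. The server part is written in JavaScript purely for illustration; the field names `amountX` and `flagY`, the error codes and the message texts are all assumptions.

```javascript
// Added example: field names, error codes and messages are hypothetical.

// Server side (authoritative): runs every check, including ones the browser
// may already have run, and returns a language-neutral validation object.
function serverValidate(input) {
  const errors = [];
  const amount = input.amountX;
  // Category B: basic data checks (presence, type).
  if (amount === undefined || amount === null || amount === "") {
    errors.push({ field: "amountX", code: "required" });
  } else if (typeof amount !== "number" || !Number.isFinite(amount)) {
    errors.push({ field: "amountX", code: "not_a_number" });
  } else if (input.flagY === true && !(amount > 500)) {
    // Category A: business rule, kept on the server only.
    errors.push({ field: "amountX", code: "min_when_flag_y", params: { min: 500 } });
  }
  if (typeof input.flagY !== "boolean") {
    errors.push({ field: "flagY", code: "not_a_boolean" });
  }
  return { valid: errors.length === 0, errors };
}

// Client side: minimal pre-check on the raw form text, a convenience only.
function clientPrecheck(form) {
  return form.amountX.trim() === "" ? [{ field: "amountX", code: "required" }] : [];
}

// Client side: translate the server's validation object into UI messages.
const MESSAGES = new Map([
  ["required", () => "This field is required."],
  ["not_a_number", () => "Enter a number."],
  ["not_a_boolean", () => "Invalid value."],
  ["min_when_flag_y", (p) => `Must be greater than $${p.min} when Y is checked.`],
]);
function toUiMessages(result) {
  const byField = {};
  for (const e of result.errors) {
    const render = MESSAGES.get(e.code) || (() => "Invalid value."); // unknown code
    (byField[e.field] = byField[e.field] || []).push(render(e.params || {}));
  }
  return byField;
}

// Constructed sample: a request sent without the browser form, so the
// pre-check never ran. The server still rejects it.
const bypassed = serverValidate({ amountX: "500; --", flagY: true });
console.log(bypassed.valid, toUiMessages(bypassed));
```

Because the client holds only a code-to-message table, a new server-side rule needs one new message entry in the browser rather than a second implementation of the rule.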

Source: https://habr.com/ru/post/1386995/

