客户端验证是不必要的吗? [英] Is client-side validation unnecessary?
问题描述
请先检查这个问题.我经常听说
Please check this question before. I frequently heard about
...不要相信客户!不要相信客户!不要相信用户的输入!"
我同意单独的客户端验证是一个非常糟糕的主意.但如果是这样,使用客户端验证的优势是什么?有必要还是没有?什么时候应该使用客户端验证?
I agree with client-side validation alone is a very bad idea. But if so , what is the advantages of using client-side validation ? Is it necessary or not? When should I use client-side validation ?
忘记一些坏人(他们试图破解),请考虑每个请求都应该到达服务器端吗?我不这么认为.普通用户可能会输入错误的数据,这些应该主要在客户端结束.我相信它可以提高网站的性能.
Forget about some bad guys (who try to hack), please think about should every request reach to server side ? I don't think so . Normal users can input wrong datas and these should be mostly end at the client side. I believe that it may improve site's performance.
我尝试在我的网站中禁用开发者工具缓和坏人.我对我的网站同时使用客户端和服务器端验证.我相信还需要客户端验证.关于使用客户端验证的任何建议?
I tried to Disable developer tools in my site to moderate bad guys. I use both client-side and server-side validations for my sites. I believe client-side validations were also needed. Any suggestions for using client-side validation ?
推荐答案
我个人和你们一样使用.
I personaly use like you both of them.
想象一下电子邮件正则表达式:
客户端:
如果用户忘记了@
或类似的东西,您可以帮助用户知道错误
You help the User do know about a mistake, if he forget @
or something like that
服务器端:
最好的正则表达式帮不了你,要知道电子邮件是可用的.你需要给他发一封电子邮件.
The best Regex can't help you, to know the Email is availible. You need to send him a Email.
一般
使用客户端验证来帮助用户检测错误,如果您需要某些特定格式的数据,请使用服务器端验证.
Use Clientside Validation to help the User to detect Errors, use Serverside Validation, if you need some Data in a specific format.
这篇关于客户端验证是不必要的吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!