客户端验证是不必要的吗? [英] Is client-side validation unnecessary?

问题描述

请先检查这个问题.我经常听说

Please check this question before. I frequently heard about

...不要相信客户！不要相信客户！不要相信用户的输入！"

我同意单独的客户端验证是一个非常糟糕的主意.但如果是这样，使用客户端验证的优势是什么?有必要还是没有?什么时候应该使用客户端验证?

I agree with client-side validation alone is a very bad idea. But if so , what is the advantages of using client-side validation ? Is it necessary or not? When should I use client-side validation ?

忘记一些坏人(他们试图破解)，请考虑每个请求都应该到达服务器端吗?我不这么认为.普通用户可能会输入错误的数据，这些应该主要在客户端结束.我相信它可以提高网站的性能.

Forget about some bad guys (who try to hack), please think about should every request reach to server side ? I don't think so . Normal users can input wrong datas and these should be mostly end at the client side. I believe that it may improve site's performance.

我尝试在我的网站中禁用开发者工具缓和坏人.我对我的网站同时使用客户端和服务器端验证.我相信还需要客户端验证.关于使用客户端验证的任何建议?

I tried to Disable developer tools in my site to moderate bad guys. I use both client-side and server-side validations for my sites. I believe client-side validations were also needed. Any suggestions for using client-side validation ?

推荐答案

我个人和你们一样使用.

I personaly use like you both of them.

想象一下电子邮件正则表达式:

客户端:

如果用户忘记了@ 或类似的东西，您可以帮助用户知道错误

You help the User do know about a mistake, if he forget @ or something like that

服务器端:

最好的正则表达式帮不了你，要知道电子邮件是可用的.你需要给他发一封电子邮件.

The best Regex can't help you, to know the Email is availible. You need to send him a Email.

一般

使用客户端验证来帮助用户检测错误，如果您需要某些特定格式的数据，请使用服务器端验证.

Use Clientside Validation to help the User to detect Errors, use Serverside Validation, if you need some Data in a specific format.

这篇关于客户端验证是不必要的吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！