ASP.NET MVC客户端验证 [英] ASP.NET MVC Client Side Validation
问题描述
我所有关于使用ASP.NET MVC,但我希望改进的一个方面是客户端验证。
I am all about using ASP.NET MVC, but one of the areas that I hope gets improved on is Client-Side Validation.
我知道最新的版本(预览5)有许多新功能用于验证,但它们似乎都是在页面发布后。
I know the most recent version (Preview 5) has a lot of new features for Validation, but they all seem to be after the page has been posted.
我看过一篇有趣的文章< a href =http://blog.codeville.net/2008/04/30/model-based-client-side-validation-for-aspnet-mvc/ =nofollow noreferrer> Steve Sanderson ...使用实时验证,Castle.Components.Validator.dll和他制作的Validator框架。
I have seen an interesting article by Steve Sanderson... using Live Validation, Castle.Components.Validator.dll, and a Validator framework he made.
我在我的项目中使用过它,但是我希望它会被集成到官方的ASP.NET MVC版本中。我绝对认为业务规则应该驻留在模型上或控制器中而不是视图中。
I have used it in my project, but I am hoping something like it will get integrated into the official ASP.NET MVC release. I definitely think the business rules should reside either on the model or in the controller rather than in the View.
你们有没有使用类似的方法?
Have any of you used a similar approach?
您是否知道将这样的内容添加到官方ASP.NET MVC版本中?
Are you aware of something like this being added to the official ASP.NET MVC release?
推荐答案
显然,您仍然需要在服务器端验证禁用javascript的小部分用户的输入。
只是对此评论的更新。服务器端验证与禁用JavaScript的用户无关。相反,出于安全原因需要它,并且需要进行无法在客户端上执行的复杂验证。表单应始终具有服务器端验证。客户端验证只是为了方便起见。
Just an update to this comment. Server-side validation has nothing to do with users that run with JavaScript disabled. Instead, it is needed for security reasons, and to do complex validation that can't be done on the client. A form should always have server-side validation. Client-side validation is only there as a convenience.
恶意用户可以轻松地将数据发布到您的表单,绕过您所拥有的任何客户端验证。 绝不信任输入数据!
A malicious user could easily post data to your form bypassing any client-side validation that you have in place. Never trust input data!
这篇关于ASP.NET MVC客户端验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
