您应该在服务器端进行验证吗? [英] Should you do validation on the server side?

问题描述

你应该在服务器端做验证，还是只在客户端做验证?

Should you do validation on the server side, or is it ok to just do the validation on the client side?

@TheTXI

我很高兴您感到惊讶，我只是不想遗漏任何可能改变某人的答案以向我提供虚假信息的内容.

I am happy your amazed I just did not want to leave anything out that could potential change someone answer to give me false information.

似乎很多人都谈到了我要追求的内容，但 Ajax 的部分应该保留在我的问题中，因为这是最重要的部分.

It seems alot of people touched on what I was going after but the part of the Ajax should have been kept in my question as this was the most important part.

但是阅读我知道的帖子后发现，坏人可以轻松加载萤火虫并将我的按钮更改为提交按钮并发布帖子.或者其他方式.

However reading the posts I know see that a bad person could just easily load up firebug and change my button to a submit button and do a post. Or some other way.

推荐答案

浏览器/客户端验证很方便.你不能依赖它.您绝对需要使用服务器端验证来复制任何客户端级别的验证.

Browser/client-side validation is a convenience. You cannot rely on it. You absolutely need to duplicate any client-level validation with server-side validation.

这篇关于您应该在服务器端进行验证吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！