Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: To validate or not to validate: Client side validation

From: ㅤ ㅤRockey <skg102 () gmail com>
Date: Tue, 27 Apr 2010 01:49:12 +0530
Hello,

   Client side validation enhances the user interactivity and gives
the quick response to the end user about the input that has been
filled by the user
in the application. However as far as security is concerned then you
can rely on server side validations as a malicious users (crackers)
know this very well
how to bypass client side validation but you can still protect your
website from n00bs from trying something funny on your application by
using client side
validation but you have to make sure that server side validation is up
to the mark as your server side validation is you wall of defense.

 Okay as far as you are only considered with security then you need
not to emphasize on client side validation and you can move on, even
if the client side
validation is not there but i will recommend you to apply client side
validation to enhance the end users experience with your application.

Cheers,
Rockey

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: