Techniques to maintain data consistency in the front end

Question

Techniques to maintain data consistency in the front end

Asked 8 years, 10 months ago

Viewed 173 times

2

Example: In a form, some fields (input) are loaded via ajax from a select. To option selected will be used in the back-end for validation of those fields.

However, the user can load a certain option, fill in their fields and intentionally change the value (in the browser) of the tag option selected for another valid value, for example, and forward to the server.

How to ensure consistency of data coming from an HTML form? What techniques/methods are essential?

I understand that this can be handled under certain conditions in the back-end. My search is for what best practices are. For example, I think for each option, I must store an identifier token in a input[type=hidden], so you could easily check if the data is related to the selected option.

Forget it, there’s nothing to guarantee data on the client http://answall.com/q/13298/101, http://answall.com/q/67911/101

– Maniero

2015/08/12 at 08:35
It is not clear to me what information you want to guarantee. Your methodology also does not speak if you want to treat bots attacks on the form. Better describe the data flow between get and post. What would this Option be and when is it selected? Is a parameter visible to the user or is an internal system control variable?

– Intruso

2015/08/12 at 09:26

1 answer

Browser other questions tagged html security-guard

You are not signed in. Login or sign up in order to post.

by Alexandre Borela • **658** points · Answer 1 · 2015-08-12T08:16:30+00:00

The correct way is the one you are already doing, trying to validate directly in the browser and still have another validation on the server before executing the commands sent by the user.

This type of problem is not unique to HTML but any application that has a client and a server, where we do the validation in the client to avoid unnecessary connections to the server and yet another validation on the server of any data that is sent by the client, there will always be this double validation.

What I did and recommend to avoid code repetition was to put all the validation into the data model that was shared between the two, so I could call Pessoa.Validate that I would return true or false indicating whether it passed, out that would also have methods to pick up lists of errors from the validated object.