What is the use of front-end verification? The user can modify the value of the hidden field of the form through the browser and submit
Source: Internet
Author: User
What is the use of front-end verification? The user can modify the value of the hidden field of the form by the browser and submit?
, the user can easily change the value of the form through the browser, let the hidden chunks show up ...
Sometimes the front end will display different form items based on different values, or use hidden fields to record some key values ( such as the ID of the hidden field record when modifying a piece of information, and then update the data based on that ID after submission ), etc.
Can the user once modify these values, and then submit, then there is no trouble?
So after submitting the data must be very rigorous judgment to do the update?
PS: I always think the user is only able to view the front-end of the HTML\JS\CSS, do not want to bring can also be directly modified!?
------to solve the idea----------------------
Although you can modify some values with hidden fields, can you be sure that your changes are correct?
Blindly believe that the incoming data is a security big taboo
Hide the value of the field just for verification convenience
------to solve the idea----------------------
Of course, no matter how you modify the front-end JS judgment Ah, modify the HTML form information Ah, to the background will be used in the background scripting language again to judge. Because the previous paragraph of all the work is only to prevent the gentleman, not the villain Ah, like the hidden form should be to do JS form verification with, in order to give a better user experience, in fact, should not pass the database, summed up some is the front end after the judgment, in the database before or to judge.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.