What is the use of front-end verification? The user can modify the value of the hidden field of the form through the browser and submit

Source: Internet
Author: User
What is the use of front-end verification? The user can modify the value of the hidden field of the form by the browser and submit?


, the user can easily change the value of the form through the browser, let the hidden chunks show up ...

Sometimes the front end will display different form items based on different values, or use hidden fields to record some key values ( such as the ID of the hidden field record when modifying a piece of information, and then update the data based on that ID after submission ), etc.

Can the user once modify these values, and then submit, then there is no trouble?

So after submitting the data must be very rigorous judgment to do the update?

PS: I always think the user is only able to view the front-end of the HTML\JS\CSS, do not want to bring can also be directly modified!?
------to solve the idea----------------------
Although you can modify some values with hidden fields, can you be sure that your changes are correct?

Blindly believe that the incoming data is a security big taboo

Hide the value of the field just for verification convenience
------to solve the idea----------------------
Of course, no matter how you modify the front-end JS judgment Ah, modify the HTML form information Ah, to the background will be used in the background scripting language again to judge. Because the previous paragraph of all the work is only to prevent the gentleman, not the villain Ah, like the hidden form should be to do JS form verification with, in order to give a better user experience, in fact, should not pass the database, summed up some is the front end after the judgment, in the database before or to judge.
  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.