avoiding redundant server-side validation after client-side validation
I see an inaccurate validation behavior on my asp.net (2.0) form. The EnableClientScript property of my validation control is set to True by default, so it performs the validation on clientside. But as soon as this occurs, it also performs the server-side validation, so the page refreshes. When the validation error occurs on clientside, it should not do the validation on serverside (I'm not calling Page.Validate() or doing Page.IsValid). In my past experience, asp.net handled this automatically, but I guess it's not always the case. How can I correct this?
|
0 |
|
dude153
10/1/2008 8:05:05 PM
asp.net.web-forms
93655 articles. 
5 followers.
10 Replies
1246 Views
Make sure your validator has the Display property set to Dynamic.
Thanks,
Max
Let Me Google That For You!
|
|
0 |
|
bullpit
10/1/2008 8:36:49 PM
Display
="Dynamic" made no difference. Isn't the Display property for the ErrorMessage or Text property's space allocation? So I think it has nothing to do with the problem I'm having now. Anyway I tried and didn't work. Any other suggestion?
|
|
0 |
|
dude153
10/1/2008 8:54:21 PM
My understanding is that the validation controls perform both client-side and server-side validation. This is by design, as it is what you would normally want. Client-side only validation can easily be circumvented by a savvy user - you have to have server-side validation of user input in order to make a web based system secure & robust.
Dave
www.davebartlett.net
|
|
0 |
|
saille
10/1/2008 9:30:59 PM
I think you're missing my point here. I'm with you on the making the app secure, but your input is not really related to my question. So let me repeat/clarify: when the clientside validation is performed, there's no need to make a trip to the server and do the serverside validation. The serverside validation should occur only if javascript is not supported by client. But currently I'm seeing both client and serverside validation happening with one button click (it does the clientside first and then immediately does it again on the serverside). I thought asp.net was smart enough to do the serverside only if javascript was disabled on client. I'm just using a regular RequiredFieldValidator by the way: <asp:RequiredFieldValidator runat="server" id="rfv" ControlToValidate="tb" Display="Dynamic" ErrorMessage="error" />saille:
My understanding is that the validation controls perform both client-side and server-side validation. This is by design, as it is what you would normally want. Client-side only validation can easily be circumvented by a savvy user - you have to have server-side validation of user input in order to make a web based system secure & robust.
|
|
0 |
|
dude153
10/1/2008 10:02:49 PM
Display
="Dynamic" made no difference. Isn't the Display property for the ErrorMessage or Text property's space allocation? So I think it has nothing to do with the problem I'm having now. Anyway I tried and didn't work. Any other suggestion?Yes, my bad. It should not do that if you have EnableClientScript = true. Can you post your code? Also, try setting this property again in the aspx page.
Thanks,
Max
Let Me Google That For You!
|
|
0 |
|
bullpit
10/1/2008 10:12:11 PM
Best practice is to always perform validation of user input on the server side. This is the only way to ensure you don't pass bad data, or malicious data further down the stack. Client-side validation is icing on the cake to make your app faster & easier to use. Anyone who can disable javascript can thwart your client side validation.
Dave
www.davebartlett.net
|
|
0 |
|
saille
10/1/2008 10:18:58 PM
By the way, do you have the ValidationGroup set on both the validation control and the button? Maybe thats what you're needing.
Dave
www.davebartlett.net
|
|
0 |
|
saille
10/1/2008 10:21:45 PM
Best practice is to always perform validation of user input on the server side. This is the only way to ensure you don't pass bad data, or malicious data further down the stack. Client-side validation is icing on the cake to make your app faster & easier to use. Anyone who can disable javascript can thwart your client side validation.
Dave, the problem is not whether to perform client side validation only or both, the problem is that even though client side validation is enabled, it is doing a postback which it shouldn't.
Thanks,
Max
Let Me Google That For You!
|
|
0 |
|
bullpit
10/1/2008 10:31:24 PM
Found the problem. I had javascript that conflicts with the one generated by asp.net. Thanks.
|
|
0 |
|
dude153
10/2/2008 8:15:49 PM
Well there you go...
Thanks,
Max
Let Me Google That For You!
|
|
0 |
|
bullpit
10/2/2008 8:16:49 PM
Similar Artilces:
Server side validation affecting client side validation
Hi there I have some client side validation that is working fine and enables/disables buttons based on user selections. This works great. However, when I perform server side validation using custom validators (like checking if the user has entered < HTML > tags or decimals in the integer boxes) and the server side validation returns isValid = false then all of the JavaScript validation that I've already done when the user clicked each control is lost. I don't understand why the enabled/disabled state of the control is not maintained. What is calling the JavaScr...
client side validation vs server side validation
hello i see a web form that consists of three controls :textbox,requiredfieldvalidator that weired to the textbox and a button within the click event of the button there is the following: if page.isvalid then response.redirect("Page is valid") else response.redirect("Page is not valid") end if according to my understandings: when the user does not fill anything in the textbox and then clicks the button the the page will not be submitted (i.e no request to the page will be happened or no postback will be happened) then no server event will be happened so it is sure when the us...
Server Side Validation vs Client Side Validation
If your page is using client side validation for required fields, expressions, etc. What are the benefits or disadvantages of using 'extra' server side validation for max lengths, parsing, etc? Both have their Advantages and Disadvantages... so give this a read http://www.dotnetexpertsforum.com/viewtopic.php?t=172 Regards,Vinz"Code, Beer and Music" that's my way of being a programmer!How to get your Forum Question Answered | Blog | CodeASP.NET hi there, advantage: because you are using javascript some browsers for any reason may not sup...
form double validation- server side and client side
Hi! I would like to make a server side validation after calling a js function that makes the client-side validation. I do not understand couple of things: 1. Do i need a server side button or a simple HTML submit button in order to call both of the tests? 2. How do i call a server side function which is written in csharp after i finish my JS validation (the submit button is calling the JS function for validation first.)- is it possible to call it directly from a js function? 3. I know that my toolbox on asp.net contains validation controls who probably are b...
Validation Controls in .NET ( Client side or server side?)
i have a very basic question. We have all these validation controls in asp.net ( required field, range validator and others)..my question is the required field validator is a server side control. So does that mean that it does a post back?..is it client side or server side control The only controls that post back are buttons and other inputs where you set AutoPostback="True", such as a dropdownlist or a textbox. Another way of posting back is using an UpdatePanel and placing a trigger in it for a specified control and/or event. All controls are considered clien...
validation, is it better to have client side or use server side validator controls
Hi All. I want to do validation on text boxes etc. Is it better to do client side validation or just use the server side validation controls? Hi! If for server side controls you mean RequiredFieldValidator, CompareValidator, RegularExpressionValidator, etc.. i can tell you that they use client and server validation. For instance if you use a RequiredFieldValidator, on the client will be a validation, but on the server this condition will be evaluated again. Probably one of the objetives of this is deal with client with javascript disabled. Of course I ...
Client side or server side validation???
I have multiple usercontrols each displayed by pressing a button and then change the apperance to a new user control and so on. I have to check that almost every field in this user controls have a value entered, and then indicate (e.g. with a red star) those textboxes that does'nt have a value entered. How should I do this in the best way, client side or server side with some validator? I have in mind that when using a server side validator, it may dissapear when making a postback. But I'm not sure, and I assume there is a way to come around this problem?What do you all say? Client side or s...
client side and server side validation
http://samples.gotdotnet.com/quickstart/util/srcview.aspx?path=/quickstart/aspplus/samples/webforms/validate/validator8.src&file=CS\validator8.aspx&font=3 i am trying to do custom validation something similar to the above. I hv done the Severvalidate method in the code behind. What about the client validation? do i do it in code behind or in javascript as shown? The goal is to add text like this to the page:<script language='javascript'>function MyFunction(src, args){ // your logic to set args.IsValid here}</script>ASP.NET doesn't care if you typed it directly in...
Validations client side or server side ???
Where should the validations (Required field, range, etc.) be done in an web page client side or server side? As per my knowledge most of the validations are on client side using javascript, unfortunately it won't work if someone has disabled their browsers javascript option. what do we do in this case? Any suggestion please. Both... Client-side for rich client experience. Server-side for data validation and for clients who have disabled javascript. *Always* validate on the server side. You will still get the benefits of client-side validation on browsers setup to handle th...
When do the validators kick in? Are they server side or client side?
Hello,I am confused. I was under the impression that asp.net validators work on the client side.But I was confused when I set the enabled property of validator to false and then the validator did not work. (RegularExpressionValidator1.Enabled = false;)But the other confusing thing to me is that if the validators work on the server side then when don't i see the page refresh like on other postback events? Kindly throw some light.Thanks! Validators always work on the server side (assuming they're enabled), but also work on the client side if EnableClientScript is t...
Client-side validation works, but server-side does not.
Hey all,I have got this text box control on my webform, which has two validators.. 1. RegularExpressionValidator and 2. CustomValidator.Now, RegularExpressionValidator control works if I enable client-script. But somehow it does not work for server-side validation. Any idea why this is happening? This happens to another textbox control on other web form as well which has similar coding. So, to enable the validation at present I can only do client-side validation I guess. 1 <TD> 2 <anthem:TextBox id="txtDatePlannedSurgery" CssClass="aspText" Runat="server" AutoCal...
Disabling Client Side and Server Side Validation
I have a page which contains a User ID and Password field which have RequiredFieldValidators against them. The page can also load a User Control which contains another field which also has a RequiredFieldValidator against it. When I submit the form I use the ValidatorEnable function to disable the validator, on the User Control Page, when the user is signing in. This works fine on the client side but the page fails on the server side as I presume it does not know that I have disabled the control from the client side. Can anyone tell me the best way to solve this problem. Thanks M...
SERVER SIDE DATA VALIDATION ON CLIENT SIDE
I wonder if this is the right forum to post this question because it is an issue about both server and client side processing. I am developing a web application (online store) which will run in a hosting company. Users accessing this app will be able to place orders with one limitation; the store has a schedule to accept orders. For example, it can be open from 8AM to 10PM and/or it can be closed on Mondays. I just can't validate time and/or day directly because time zone may lead to wrong results. So I thought about getting the schedule information, which is saved in my database, ...
Validation Conrols: Client Side or Server Side?
Hi Folks, I am just wondering if the validation controls, use javascript...or server side code behind...Clearly, I would prefer it be server-side, because i'm concerned that a potential evil-doer could by-pass the validation, by turning off JS.If the validation controls use JS --- can someone refer me to proper server side validation techniques (VB). Thanks, - Joel "The truth is rarely pure and never simple."- Oscar Wilde, The Importance of Being Earnest ASP.NET validation controls always use server-side validation, with additional client-side...
Hi there I have some client side validation that is working fine and enables/disables buttons based on user selections. This works great. However, when I perform server side validation using custom validators (like checking if the user has entered < HTML > tags or decimals in the integer boxes) and the server side validation returns isValid = false then all of the JavaScript validation that I've already done when the user clicked each control is lost. I don't understand why the enabled/disabled state of the control is not maintained. What is calling the JavaScr...
client side validation vs server side validation
hello i see a web form that consists of three controls :textbox,requiredfieldvalidator that weired to the textbox and a button within the click event of the button there is the following: if page.isvalid then response.redirect("Page is valid") else response.redirect("Page is not valid") end if according to my understandings: when the user does not fill anything in the textbox and then clicks the button the the page will not be submitted (i.e no request to the page will be happened or no postback will be happened) then no server event will be happened so it is sure when the us...
Server Side Validation vs Client Side Validation
If your page is using client side validation for required fields, expressions, etc. What are the benefits or disadvantages of using 'extra' server side validation for max lengths, parsing, etc? Both have their Advantages and Disadvantages... so give this a read http://www.dotnetexpertsforum.com/viewtopic.php?t=172 Regards,Vinz"Code, Beer and Music" that's my way of being a programmer!How to get your Forum Question Answered | Blog | CodeASP.NET hi there, advantage: because you are using javascript some browsers for any reason may not sup...
form double validation- server side and client side
Hi! I would like to make a server side validation after calling a js function that makes the client-side validation. I do not understand couple of things: 1. Do i need a server side button or a simple HTML submit button in order to call both of the tests? 2. How do i call a server side function which is written in csharp after i finish my JS validation (the submit button is calling the JS function for validation first.)- is it possible to call it directly from a js function? 3. I know that my toolbox on asp.net contains validation controls who probably are b...
Validation Controls in .NET ( Client side or server side?)
i have a very basic question. We have all these validation controls in asp.net ( required field, range validator and others)..my question is the required field validator is a server side control. So does that mean that it does a post back?..is it client side or server side control The only controls that post back are buttons and other inputs where you set AutoPostback="True", such as a dropdownlist or a textbox. Another way of posting back is using an UpdatePanel and placing a trigger in it for a specified control and/or event. All controls are considered clien...
validation, is it better to have client side or use server side validator controls
Hi All. I want to do validation on text boxes etc. Is it better to do client side validation or just use the server side validation controls? Hi! If for server side controls you mean RequiredFieldValidator, CompareValidator, RegularExpressionValidator, etc.. i can tell you that they use client and server validation. For instance if you use a RequiredFieldValidator, on the client will be a validation, but on the server this condition will be evaluated again. Probably one of the objetives of this is deal with client with javascript disabled. Of course I ...
Client side or server side validation???
I have multiple usercontrols each displayed by pressing a button and then change the apperance to a new user control and so on. I have to check that almost every field in this user controls have a value entered, and then indicate (e.g. with a red star) those textboxes that does'nt have a value entered. How should I do this in the best way, client side or server side with some validator? I have in mind that when using a server side validator, it may dissapear when making a postback. But I'm not sure, and I assume there is a way to come around this problem?What do you all say? Client side or s...
client side and server side validation
http://samples.gotdotnet.com/quickstart/util/srcview.aspx?path=/quickstart/aspplus/samples/webforms/validate/validator8.src&file=CS\validator8.aspx&font=3 i am trying to do custom validation something similar to the above. I hv done the Severvalidate method in the code behind. What about the client validation? do i do it in code behind or in javascript as shown? The goal is to add text like this to the page:<script language='javascript'>function MyFunction(src, args){ // your logic to set args.IsValid here}</script>ASP.NET doesn't care if you typed it directly in...
Validations client side or server side ???
Where should the validations (Required field, range, etc.) be done in an web page client side or server side? As per my knowledge most of the validations are on client side using javascript, unfortunately it won't work if someone has disabled their browsers javascript option. what do we do in this case? Any suggestion please. Both... Client-side for rich client experience. Server-side for data validation and for clients who have disabled javascript. *Always* validate on the server side. You will still get the benefits of client-side validation on browsers setup to handle th...
When do the validators kick in? Are they server side or client side?
Hello,I am confused. I was under the impression that asp.net validators work on the client side.But I was confused when I set the enabled property of validator to false and then the validator did not work. (RegularExpressionValidator1.Enabled = false;)But the other confusing thing to me is that if the validators work on the server side then when don't i see the page refresh like on other postback events? Kindly throw some light.Thanks! Validators always work on the server side (assuming they're enabled), but also work on the client side if EnableClientScript is t...
Client-side validation works, but server-side does not.
Hey all,I have got this text box control on my webform, which has two validators.. 1. RegularExpressionValidator and 2. CustomValidator.Now, RegularExpressionValidator control works if I enable client-script. But somehow it does not work for server-side validation. Any idea why this is happening? This happens to another textbox control on other web form as well which has similar coding. So, to enable the validation at present I can only do client-side validation I guess. 1 <TD> 2 <anthem:TextBox id="txtDatePlannedSurgery" CssClass="aspText" Runat="server" AutoCal...
Disabling Client Side and Server Side Validation
I have a page which contains a User ID and Password field which have RequiredFieldValidators against them. The page can also load a User Control which contains another field which also has a RequiredFieldValidator against it. When I submit the form I use the ValidatorEnable function to disable the validator, on the User Control Page, when the user is signing in. This works fine on the client side but the page fails on the server side as I presume it does not know that I have disabled the control from the client side. Can anyone tell me the best way to solve this problem. Thanks M...
SERVER SIDE DATA VALIDATION ON CLIENT SIDE
I wonder if this is the right forum to post this question because it is an issue about both server and client side processing. I am developing a web application (online store) which will run in a hosting company. Users accessing this app will be able to place orders with one limitation; the store has a schedule to accept orders. For example, it can be open from 8AM to 10PM and/or it can be closed on Mondays. I just can't validate time and/or day directly because time zone may lead to wrong results. So I thought about getting the schedule information, which is saved in my database, ...
Validation Conrols: Client Side or Server Side?
Hi Folks, I am just wondering if the validation controls, use javascript...or server side code behind...Clearly, I would prefer it be server-side, because i'm concerned that a potential evil-doer could by-pass the validation, by turning off JS.If the validation controls use JS --- can someone refer me to proper server side validation techniques (VB). Thanks, - Joel "The truth is rarely pure and never simple."- Oscar Wilde, The Importance of Being Earnest ASP.NET validation controls always use server-side validation, with additional client-side...
Web resources about - avoiding redundant server-side validation after client-side validation - asp.net.web-forms Server-side scripting - Wikipedia, the free encyclopedia
... unfocused, scattered, unnecessary details. WikiProject Technology or the Technology Portal may be able to help recruit an expert. Server-side ...
... unfocused, scattered, unnecessary details. WikiProject Technology or the Technology Portal may be able to help recruit an expert. Server-side ...
Google Cloud Platform simplifies server-side development for iOS w/ ‘Mobile Backend Starter’... Mobile Backend Starter that first debuted for Android developers back in June. Google says the application helps to simplify the server-side ...
Free Cooling: the Server Side of the Story
Servers that support higher inlet temperatures could significantly reduce or even eliminate the cooling costs of the data center. We received ...
Servers that support higher inlet temperatures could significantly reduce or even eliminate the cooling costs of the data center. We received ...
Google experimenting with server-side encryption for Drive
[Update: Check Now] Play Store For Android Gets Search Bar With Hamburger Flip In Server-Side UpdateGoogle is pushing out an update to the Play Store's Android interface that replaces the action bar with a standard search bar. Inside are the ...
Server-side update makes Siri a stickler for succinctness
Siri is already well known for her wit and willingness to joke, but a recent server-side update has given Apple's digital assistant the ability ...
Siri is already well known for her wit and willingness to joke, but a recent server-side update has given Apple's digital assistant the ability ...
Japanese RIAA wants server-side music DRM for mobile phonesThe Recording Industry Association of Japan—the Japanese version of the RIAA— …
New BaaS platform aims to eliminate writing server-side code... offering for desktop and mobile developers that's now leaving its beta phase. By removing the need for writing code on the server-side, Backendless ...
Dart improves async and server-side performance... Team Today's release of the Dart SDK version 1.3 includes a 2x performance improvement for asynchronous Dart code combined with server-side ...
Customize Google Using Server-Side ScriptsGoogle's services have a lot of powerful features, but they can't offer all the options requested by users. A popular way to customize Google ...
Resources last updated: 12/19/2015 11:14:30 AM