client « Validation « JSP-Servlet Q&A

1. client/server side validation in book, Adv Java Server Pages by DM Geary

It is mentioned in the book that not only client side validation using javascript should be implemented but also server side validation because there's no guarantee that javascript is enabled in user's browser. Having both validations are understandable for redundancy purposes (and also for performance), but it seems implied that javascript has been disabled in some user's browsers. Is there any ...

2. Client side validation using JSP ???

3. client side validation vs Server Side

Always validate on the server, and that means everything that needs validation! You may optionally decide to also validate some things (maybe the most errorprone fields) on the client. Rationelle: people can bypass clientside validation by deliberately sending unvalidated data (for example by turning off javascript or by using a non-browser client to generate the data).