Home > Backend Development > PHP Tutorial > javascript - How to more easily verify whether the data from the front end is legal

javascript - How to more easily verify whether the data from the front end is legal

WBOY
Release: 2016-08-04 09:19:14
Original
1155 people have browsed it

According to a normal point of view, we can never trust the data from the front end, but for example, when submitting a form, my front-end js needs to be verified, and the back-end needs to be verified. It’s better to have less things to verify, but more (the rules are complicated) ) is troublesome. Is there any way to ensure that the front-end data is legal, or that the back-end can simply verify it (it’s a bit like a form token, although it is used to prevent repeated submissions)

Reply content:

According to a normal point of view, we can never trust the data from the front end, but for example, when submitting a form, my front-end js needs to be verified, and the back-end needs to be verified. It’s better to have less things to verify, but more (the rules are complicated) ) is troublesome. Is there any way to ensure that the front-end data is legal, or that the back-end can simply verify it (it’s a bit like a form token, although it is used to prevent repeated submissions)

Front-end verification only improves user experience, while back-end verification is a must.

Regarding your question, you can search the topic Front-end and back-end isomorphism . The general approach is to use nodejs as the middle layer, and deploy a set of front-end verification code in nodejs to avoid the back-end (the back-end here refers to The backend that communicates with nodejs, not nodejs itself) and then re-implement the verification logic.

Use a framework, such as yii,
Each form defines a Form model in the model layer, which defines some rules methods. It comes with many verification rules, such as email, string length, enumeration, etc. Of course, special rules can also be defined by yourself.

The best way to prevent repeated submissions or machine simulation submissions is to add verification codes.

Is there any way to ensure that the front-end data is legal, or the back-end can simply verify it

The questioner also said that you must not trust the front-end data. If the front-end performs any validation, the back-end must also perform consistent validation.

The background must be verified, because requests can be sent to the backend through simulation, thus skipping the front-end verification

No matter how good the verification done by the front end is. The backend still needs to ensure complete verification. It cannot be simply verified.
You cannot guarantee that the person sending the data sent the data through your set of verification.
In addition, front-end verification can also be regarded as improving the user experience.

Is there any way to ensure that the front-end data must be legal? Then we must ensure that the data received by the back-end must come from the verified front-end. This is difficult to do on the Web

So, when you write the verification, ask the front-end for a copy of the verification code they wrote and change it (smile)

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template