15.2. Server-Side Validation¶
Web applications work under the client-server model. We have been focusing on the server portion, using ASP.NET Core MVC and C# to create server-side application code. A critical component of any well-made web application is validation, which is the process of checking that data conforms to certain criteria. Validation ensures that the application only stores meaningful data.
Consider a user registration form on a web site. Effective validation rules might require that:
- The username is between 3 and 12 characters long, and
- The password is between 6 and 20 characters long.
Server-side validation involves both the model and controller. The model is responsible for defining validation rules, while the controller is responsible for checking validation rules when data is submitted to the server.
15.2.1. Check Your Understanding¶
The best practice for validating data in a web app is to:
- Use client-side validation
- Use server-side validation
- Use both client-side and server-side validation
- Don’t validate incoming data