Bummer! This is just a preview. You need to be signed in with a Basic account to view the entire video.

Preview

Start a free Basic trial
to watch this video

Sign up for Treehouse

A Case for Form Validation

2:22 with Chris Ramacciotti

This video serves as a conceptual overview of form validation, referencing its importance in preserving data integrity in our database and application.

  • 0:00

    Whenever an application receives a request,

  • 0:02

    it is important that we ensure that the request is valid.

  • 0:06

    This comes in many forms.

  • 0:07

    The web server will ensure that the HTTP request was crafted

  • 0:11

    in a way that constitutes valid HTTP.

  • 0:14

    In the future, we'll ensure that the requestor has a right to make changes.

  • 0:18

    For example, we might validate that the requester is a currently logged in user.

  • 0:23

    But here, what we want to validate is that each piece of information that is inserted

  • 0:28

    is in the correct format.

  • 0:29

    For example, for adding a category, we might want to ensure that a category name

  • 0:34

    never exceeds 15 characters and is at these 3 characters in length.

  • 0:39

    Even more, we'd want to make sure a category name was provided at all.

  • 0:43

    This whole process is called data validation and

  • 0:46

    is part of every modern stable application.

  • 0:49

    Whether or not it's a web app and whether or not it's written in Java.

  • 0:53

    In the context of a web application, two forms of validation exist,

  • 0:58

    client side and server side.

  • 1:00

    Client side validation is written in JavaScript.

  • 1:03

    This allows for immediate feedback before an HTTP request is ever sent

  • 1:08

    upon clicking a form submit button.

  • 1:11

    That is, the browser displays an error without the server

  • 1:14

    ever having to check it.

  • 1:16

    Server side validation happens on the server.

  • 1:19

    And in our case, would be written using Java code.

  • 1:22

    Now, regardless of whether or not your application has client side validation for

  • 1:26

    sufficient security, you should always include server side validation.

  • 1:31

    Let me repeat that.

  • 1:33

    Your web application should always include server side validation.

  • 1:37

    This ensures that data that reaches the web server is indeed valid.

  • 1:42

    This prevents malicious and

  • 1:44

    nonsensical data from being planted into your database or on your web server.

  • 1:49

    Remember, even though you intend for users to interact with your web application

  • 1:53

    through a browser, as you saw in HTTP Basics.

  • 1:57

    You can reach a web server simply with programs like Telnet.

  • 2:01

    In this case, there's no client side validation since the validation

  • 2:05

    would have been written for a browser.

  • 2:07

    The user has cut out the browser with Telnet and

  • 2:10

    has therefore, cut out your client side validation as well.

  • 2:14

    Okay, you get it.

  • 2:15

    Always include service side validation.

  • 2:17

    Next, we'll look at exactly how we add that to our Spring app

You need to sign up for Treehouse in order to download course files.

Sign up