struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cook, Levi" <levi.c...@kraft.com>
Subject RE: development issues
Date Tue, 27 Mar 2001 15:45:58 GMT
Surely I'm reiterating the obvious here, but Javascript alone cannot/should
not be relied upon for validation. It does play a useful and important role,
however its scope should normally be limited to improving the users
experience with supplying input that our system understands. If the
framework provides a facility for sending Javascript to the browser, I would
propose including a mechanism that allows the developer to specify which
browsers their script can safely run in.

Its just a quick observation, but the role of validation within Struts (a
web app. framework) should be limited validating user input. This is closely
related to the role an ActionForm plays by representing user input as
Strings. Therefore, IMHO, the goal of Struts validation should simply be to
ensure user supplied input can safely be converted into the objects &
primitives our domain objects expect. Within this context, validating user
input, regular expressions are very valuable and powerful and should be made
available.

As someone else stated earlier, domain specific validations can, and
normally do, require more sophisticated mechanisms than regular expressions
alone provide. In general, I would not advise that anyone make their domain
validations dependant on the validation facilities that Struts or JavaScript
provide.

Anyway, that my 2 cents,
Levi Cook
Greenbrier & Russel
Madison, Wisconsin
www.gr.com
lcook@gr.com


-----Original Message-----
From: Jim Richards [mailto:grumpy@cyber4.org]
Sent: Tuesday, March 27, 2001 9:04 AM
To: struts-dev@jakarta.apache.org
Subject: RE: development issues



>But its not bad either for basic form validation (null, range checks &
like)
>and much better than using Javascript. I dont think any backend will rely
>upon JSP validation and wont perform its own tests prior to saving the
data.

Well, one of the 1.1 discussions is client side validation using JavaScript,
which as of JavaScript1.2 has regext facilties built in, so I'd expect
they'd
be used. But that stops older browsers from working. But as you point out,
server side validation should be done as well to correctly check the data
against a greater number of tests.


--
Kumera - a new Open Source Content Management System
for small to medium web sites written in Perl and using XML
http://www.cyber4.org/kumera/index.html

Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message