+4420 3290 2266

info@coldcore.com

Project Haala

Documentation

Validation The Platform HAALA

The system validates user input on the client side and then again on the server side.

Client side validation is very verbose telling a user required fields, minimum length, syntax errors etc. This validation is performed by Javascript prior to submitting a form - user is able to see and fix all mistakes.

Server side assumes that client side validation was successful but still performs its own validation. In case if the validation fails due to possible hack or a bug, it sends back generic error code. User then can contact support and report the issue.

Both client and server validation use the same regular expressions to validate inputs. Server side validation does not send back any text but it may send error code for special cases such as session expired. The client side then displays the server error response.

Security

Server side validation goes further providing layer of security. For example, if a user wants to delete object which does not belong to her, validation detects it and does not allow this request to pass further. Combined with another security aspect which checks if the user is authorized to make this call based on her role - services do not have to perform any security tests assuming that everything was checked and the data is valid.

sitemap