0

I would ask about using javascript function on server side for validation, are is true, secure and truth way ?

I see a website was development like this .. when user post data, php file was call a javascript function and check if valid or no .. so im ask about it.

I think its not secure, for many of cases like XSS, if Im true, can you give me some of issue for this procedure.

thanks a lot.

Improve this question
4
  • "php file was call a javascript function" — Do you really mean that? Or do you mean "PHP will send an HTML file to the browser and ask the browser to run some JS"? Commented Jun 9, 2014 at 9:41
  • Javascript is a client side language, and besides that javascript can be disabled in the browser Commented Jun 9, 2014 at 9:41
  • @gbestard — server side js Commented Jun 9, 2014 at 9:42
  • Quentin, sorry, but i see js server side Commented Jun 9, 2014 at 9:45

1 Answer 1

Reset to default
2

Since you clarified that you mean server side JS:

There are no inherit insecurities when performing input validation on the server, even if you pass the data from one server side program (which could be written in PHP) to another server side program (which could be written in JavaScript).

That does, however, add complexity and complexity is opportunity for bugs to slip in.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

thank you, thats surly what I mean, if i can ask aout it too, why a programmer needed to use this procedure, or when ?
The usual reason for passing data to a program written in another language is to avoid having to rewrite code that already exists in a different language.
thank you very much Quentin, Im sorry if Im ask a bad question, but you give a nice info

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.