I just want to clear some things up about ASP.NET MVC and HTML5 validation. I disabled all jQuery validation on my project so I could use only HTML5 validation as it looks and feels much better than jQuery one.
The thing is, HTML 5 validation does not seem to react on MVC annotations inside C# models. (eg. [Required] or [Compare("Password"])) it does react on real html attributes to elements (eg. new { required = "required" }).
So HTML 5 validation works on JavaScript, right? Wouldn't this be vulnerable since one can disable browsers JavaScript and bypass the validation?
Also is it possible to find where these HTML 5 validation scripts are so I can alter them or add new ones (since I didn't find any for live password confirmation) or should I only write new <script></script> in my View?
Any information on this would be helpful, thank you.