Amazing article, I had no idea most of this stuff existed o_ô. A big thank you.
But on thing bugs my mind, it's the application of :invalid. I know it's for the example, but don't just set the background to grey :
Form can still be submitted
Pretty sure it's not accessible
And pay attention to form validation. Html & JS form validation are useless to stop hackers.
Make sure to verify & sanitize fields, value and type in the backend before using the data :)
Security is definitely an issue when doing the validation on the client-side. We should always validate the data on the backend server again. Thanks for reminding that.
For accessible, I should add aria-label for the button.
<buttontype="submit"aria-label="submit"></button>
Form submit event will be blocked if any of the input is invalid.
<formonsubmit={xxx}>...</form>
But If we use the button click event to submit the result, then we will need to add extra CSS to prevent the click event.
Just keep in mind that anyone (with a little tech background) can edit html/css/js with browser inspector, or even forge requests from scratch ^^'
For the accessibility, I was thinking about add/removing the disabled attribute on the button, to inform that the user can't send the form if it isn't properly filled (especially for color blind people or those who uses readers) ; and prefer the submit event on form, instead of banking on the button :p
Anyway, still a great post !
Cheers
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Amazing article, I had no idea most of this stuff existed o_ô. A big thank you.
But on thing bugs my mind, it's the application of :invalid. I know it's for the example, but don't just set the background to grey :
And pay attention to form validation. Html & JS form validation are useless to stop hackers.
Make sure to verify & sanitize fields, value and type in the backend before using the data :)
Thanks a lot for the feedback.
But If we use the button click event to submit the result, then we will need to add extra CSS to prevent the click event.
Just keep in mind that anyone (with a little tech background) can edit html/css/js with browser inspector, or even forge requests from scratch ^^'
For the accessibility, I was thinking about add/removing the disabled attribute on the button, to inform that the user can't send the form if it isn't properly filled (especially for color blind people or those who uses readers) ; and prefer the submit event on form, instead of banking on the button :p
Anyway, still a great post !
Cheers