DEV Community

loading...

Discussion on: CSS Selectors Related to Form Control

Collapse
youpiwaza profile image
max

Amazing article, I had no idea most of this stuff existed o_ô. A big thank you.

But on thing bugs my mind, it's the application of :invalid. I know it's for the example, but don't just set the background to grey :

  • Form can still be submitted
  • Pretty sure it's not accessible

And pay attention to form validation. Html & JS form validation are useless to stop hackers.
Make sure to verify & sanitize fields, value and type in the backend before using the data :)

Collapse
oahehc profile image
Andrew Author

Thanks a lot for the feedback.

  • Security is definitely an issue when doing the validation on the client-side. We should always validate the data on the backend server again. Thanks for reminding that.
  • For accessible, I should add aria-label for the button.
<button type="submit" aria-label="submit"></button>
  • Form submit event will be blocked if any of the input is invalid.
<form onsubmit={xxx}>...</form>

But If we use the button click event to submit the result, then we will need to add extra CSS to prevent the click event.

form:invalid > button {
  background: darkgray;
  pointer-events: none;
}
Collapse
youpiwaza profile image
max

Just keep in mind that anyone (with a little tech background) can edit html/css/js with browser inspector, or even forge requests from scratch ^^'

For the accessibility, I was thinking about add/removing the disabled attribute on the button, to inform that the user can't send the form if it isn't properly filled (especially for color blind people or those who uses readers) ; and prefer the submit event on form, instead of banking on the button :p

Anyway, still a great post !

Cheers