What is the logic behind filtering/sanitizing input?
I have always found it more logic to validate input instead of filtering it. How to appropriately filter data depends on the situation, so IMO it should be done in output or when saving to a database.
How should a website validate a users mailing address?
This is for a site that relies on shipping items via UPS or FedEx. I know there is software out there that does it (http://en.wikipedia.org/wiki/Coding_Accuracy_Support_System), but if you are trying to build your own solution for a simple website.
Validating best practices, property vs dto, simple type vs object
Consider an application where adds an email address to his profile and submits it.
How come verification does not include actual testing?
Having read a lot about this topic — such as on this Software Testing Fundamentals site on verification and validation and Software Testing and Quality Assurance: Theory and Practice by Naik and Tripathy — I still do not get it. Verification should prove that you are building the product right, while validation proves that you built the right product. But only static techniques (code reviews, requirements checks…) are mentioned as being verification methods. How can you say if its implemented correctly if you do not test it? It is said that verification ensures that the product meet specified requirements. Again, if the function is specified to work somehow, only by testing I can say that it does.
Functional testing in the verification
Yesterday my question How come verification does not include actual testing? created a lot of controversy, yet did not reveal the answer for related and very important question: does black box functional testing done by testers belong to verification or validation?
Verification of requirements question
Doing a lot of reading about V&V, I would need to clarify the following.
A lot of definitions (less formal ones found in books) define verification like that:
Verification: The software should conform to its specification.
But then they speak about requirement verification, design verification etc. If I say that these items are “software” in terms of applying the definitions, what should I checked them against? What specification should requirements, which is the basic information, conform to?
Password Validation using regular expressions in html 5 [closed]
It’s difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 12 years ago. this question may sound stupid, but no one […]
Is the use of “utf8=✓” preferable to “utf8=true”?
I have recently seen a few URIs containing the query parameter “utf8=✓”. My first impression (after thinking “mmm, looks cool”) was that this could be used to detect a broken character encoding.
How best to implement HTML5 support for my validation library
I have created an annotation-based validation library called regula. There seems to be some amount of interest around the framework and the next thing I’d like to do is to support HTML5 validation. Originally I figured that I would check to see if the browser supported the HTML5 validation that has been specified and to either emulate or delegate to built-in regula equivalents. This is trivial for things like required, but once you start getting into the date-validation, it gets tricky (date widgets, localization, etc.). So I have a few options in front of me:
Is server validation necessary with client-side validators?
I recently created a .net web app that used over 200 custom validators on one page. I wrote code for both ClientValidationFunction and OnServerValidate which results in a ton of repetitive code.