Client-side validation Memes

Posts tagged with Client-side validation

Front End OTP Verification
Frontend Webdev Security Javascript Programming
20 days ago 235.3K views 0 shares
Front End OTP Verification
Someone named Suresh just committed a cardinal sin of web security. They're comparing the user's OTP input against a hidden field called otp_hidden ... which exists in the DOM... on the client side... where literally anyone can just open DevTools and read it. It's like putting a lock on your door but leaving the key taped to the doorknob with a sticky note that says "SECRET KEY - DO NOT USE". The entire point of OTP verification is that it should be validated server-side against what was actually sent to the user's phone/email. Storing it in a hidden input field defeats the purpose harder than using var in 2024. The red circle highlighting this masterpiece is chef's kiss. This is the kind of code that makes security researchers weep and penetration testers rub their hands together gleefully. Never trust the client, folks.

Client Side Validation
Javascript Webdev Security Programming Frontend
2 months ago 205.3K views 0 shares
Client Side Validation
So you're checking if an email is already taken by sending it to the server, getting back a list of all registered emails , and then doing a client-side .includes() check? That's like asking the bank to give you everyone's account numbers just to verify yours doesn't exist yet. Not only is this a massive security vulnerability (congrats, you just leaked your entire user database to anyone with DevTools open), but it's also hilariously inefficient. Why return an array of potentially millions of emails when the server could just return a boolean? The backend dev is probably crying somewhere. The cherry on top? After doing all this client-side "validation," you're still showing success messages without any actual server confirmation. Chef's kiss of terrible architecture. 🤌

When The Age Check Says No, But The Game Still Says Yes
Security Gamedev Programming Testing Frontend
6 months ago 242.7K views 0 shares
When The Age Check Says No, But The Game Still Says Yes
The perfect representation of Steam's age verification system! Steam asks if you're old enough to view mature content, you click "Yes" despite being 12, and Steam just... lets you right in. No ID check, no credit card verification—just pure digital trust in an era of zero trust architecture. It's basically the digital equivalent of a bouncer asking for ID and then immediately stepping aside when you say "trust me bro, I'm totally 18."