Abstract
Validation of user input data is very important in web application. Not only it protects the system from various exploits, but it also improves the user experience. User immediately sees what values are missing or are not valid and should be fixed. It is important to validate code on client side in the browser, but that does not mean that the validation on server side can be omitted. The golden rule of the web applications is not to trust user input and validate code on server side as well. The user input validation is therefore duplicated -- it validates the input values first on client side using JavaScript before the data is sent to server and then the received data is validated again on the server side. Changes made to the validation code must be synchronized in code on both sides. All implementations must be also unit tested, multiple sets of unit tests must be created and maintained. We will describe how we extended white-box testing tool Pex to generate user input validation code for web applications created on .NET platform. The JavaScript client side validation code is generated from the controller code written in C#. The code then validates input values on the client side. Most of the testing can be automated executing generated test. Testing resources -- i.e time spent on testing and number of testers involved people -- are saved.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
