Client Side | HTML Tampering (3) | Cycubix Docs


In this simple example you noticed that the price is calculated client-side and sent to the server. The server accepted the input as a given and did not calculate the price again. One of the mitigations in this case is to look up the price of the television in your database and calculate the total price again.

In a real application you should never rely on client side validation. It is important to verify all the input sent by the client. Always remember: NEVER TRUST INPUT SENT BY A CLIENT.


Last updated