My general philosophy on this is clients will find ways to circumvent literally any special validation you are doing because they are vaguely in charge of their browser. Definitely use html form types, input, and pattern to attempt to ensure the user can't just do something wrong, but the backend needs to be the authority on what is actually valid. I like this unix style "strings as the universal data type" idea - it's not about how it happens, it's about the output. I honestly can't comprehend how something thought it was better to do `const validKeys = [NUMPAD_1, NUMPAD_2, ...];` and not `const validCharacters = '01234567890';`.
No comments yet.