top | item 9746083

(no title)

koichirose | 10 years ago

I guess this wouldn't replace proper server side validation anyway, but it would be a nice addition.

discuss

None of HTML's new form attributes replace server side validation (which is annoying since you end up repeating code and having slight differences), however it's a good start.

With CORS and CSRF tokens, it would cut down on accidental issues – which for most sites is a bigger deal than malicious activity.

duskwuff|10 years ago

In that sense, it'd be a perfect analogue to the "maxlength" attribute on text inputs. (In fact, I wonder if it'd be sufficient to just make that attribute apply to file inputs as well...)

edent|10 years ago

Yeah, exactly. It just prevents people from uploading ridiculously large files which have no hope of completing.

BinaryIdiot|10 years ago

Well you can check file sizes in JavaScript before upload so you can do this already.

acveilleux|10 years ago

Yep, browsers could serve up a warning instantly.