Jan @Novoj Novotný

Go through presentation with me

Solved problem in 2018?

You don't see this too much lately:

Why we need form validations?

help the user to fill the data correctly

Why we need form validations?

protect application from consuming bad input

Why do we still fail in 2018?

  1. error handling doesn't lie on happy path
  2. it's considered "someone else's problem"
  3. even customers often don't have checking those
    in acceptation protocols

What are best practices of validation?

Right time
right after the user completed the input
Right place
next to the field where the problem is
Right color
red is for errors, blue for information, yellow for warnings, green for the confirmation of success
Clear language
what happened, what can user do about it
Accept partially correct data
correct them yourself when you can
Never rely on client side validations
or you'd be surprised soon

What choices did we made in FG Forrest?

Single place of truth
same logic executes validation on client and on server
some validations also can't be executed on client (free account)
Inline/live validation
user gets feedback immediately
Form state is kept on server
client sends only incremental diffs in user entered data
No programming required
developer should not be bothered by tuning validations


Ordinary form

Registration form

Corner cases

  1. related fields
  2. user devices with limited space
  3. enumeration attacks
  4. race conditions
  5. session drops
  6. conditional blocks of forms

When done right it may bring

  • a 22% increase in success rates
  • a 31% increase in satisfaction rating,
  • a 42% decrease in completion times

Source: Inline validation in web forms

Thank you for your attention


Contact me @Novoj or