Skip to main content
BuyLog In
Blazor
Search in…
Docs > Security Considerations > Validate User Input
All docs
V23.2
Blazor Components
Prerequisites
Supported Browsers
Get Started
Demos
Examples
Videos
Common Concepts
Components
Styling and Themes
Security Considerations
Content Security Policy
Validate User Input
Prevent Cross-Site Scripting Attacks
Troubleshooting
Blazor & WinForms App UI Framework (Powered by EF Core)
Maintenance Mode
API Reference
Download CHM

Validate User Input

DevExpress Blazor UI components support Blazor form validation. Once a user attempts to submit changes, an edit form can validate user input and mark data editor borders with a colored outline. Red indicates invalid values, while green indicates values that were posted successfully.

Validate Input in Form Layout

Refer to one of the following help topics for more information on input validation when using DevExpress Blazor components:

Important

You should not rely on form validation alone to secure your Blazor-powered app. Form validation is designed to improve usability. A threat actor can bypass validation and send malicious data to the server. To minimize security related threats/risks, you must validate user input using multiple strategies.

To minimize risk and security related threats, you should take the following actions (in addition to form validation) in your Blazor app:

  1. Validate data before you save it to a database or use it in any other manner.

  2. Validate inputs and results from JS interop calls.

  3. Specify data integrity conditions at the database level.

To mitigate threats for a Blazor-powered app, refer to the following Microsoft document: Threat mitigation guidance for ASP.NET Core Blazor interactive server-side rendering.