HTML - How to prevent user from editing form's value?

Question

I am developing a simple web apps that allowed user to key in information using a form when I discovered I could edit that form\'s input default value using Chrome -> Check

Answer 1

You need to be doing server-side validation, to make sure the values you get from your client app make sense. If you know that a value of "9" will "thrash your DB", don't accept values of 9 from the client.

Obligatory XKCD link: http://xkcd.com/327/

Answer 2

You can't prevent users from modifying, adding or removing elements in the DOM. If you want that kind of control you should store the values of the elements you are outputting in an object and then compare what's coming in with the form post.

There are a million ways of doing this, if you want to ill post an example

Answer 3

For typical users, you can just add the attribute readonly to the form field(s).

For more advanced users/hackers that try to manipulate your server, you need to validate every piece of data that is submitted to ensure that tampering is caught and rejected. There is no client-side technique for this that is tamper-proof.

Answer 4

You could check for the correct kind of value in the server side. In fact you should check every data send from the client side to prevent an attack