Server-Side Execute Q&A

What Is Client-Side Scripting?

In web applications, the client refers to the web browser running on the end-user’s local machine. Client-side scripting refers to running scripts in the browser. These are usually written in JavaScript because they run on any internet browser. When the application loads, the server provides the data. The script then runs without involving the server. The scripting responds to user input to display content.

What Is Server-Side Scripting?

Server-side scripting refers to running scripts on the webserver. You don't need to write in JavaScript since the server may support many languages. When the application loads, the server provides the data. The user interacts with the application and saves or submits. The server receives the data, runs the script, and displays content.

What Happens Where

Client-Side

Client-side scripting lets you validate input in the user's browser. Validating first, before sending it to the server, lets you give better feedback to the end-user. 

For example, if end-users enter an invalid birth date and move to the next field, you can show an error message immediately. This lets the end-user correct every field before they submit the module. If you validate on the server alone, they must submit, get an error message, and then hunt down the problem. 

Server-Side

Server-side scripting lets you validate input sent to the server. This helps protect against malicious users. Malicious users can bypass client-side JavaScript and submit dangerous input to the server. When you only use client-side scripting, you're trusting your interface for protection. This is dangerous. Malicious users can abuse your interface. Server-side scripting protects against:

  • Manual edits to the URL.

  • Users running their own JavaScript.

  • Tweaks to HTTP requests with another tool.

Server-side validation is also important for compatibility. Not all users, even if they're using a browser, will have JavaScript enabled.

Why Does Unqork Offer Both Client-Side and Server-Side Scripting?

You need both. Client-side provides a better user experience. Server-side ensures that the input the server receives is actually validated.