过滤器用于检查用户输入的输入是否符合公认的标准。过滤器用于浏览器(客户端过滤)或服务器(服务器端过滤)以验证用户在 Web 应用程序中给出的输入。
1. 服务器端过滤器:
这些是服务器中存在的过滤器检查类型。当用户键入输入时,输入被转发到服务器进行验证。如果用户输入的数据有效,则接受输入,否则根据输入抛出错误。
2.客户端过滤器:
这些是浏览器本身中存在的过滤器检查类型。当用户键入输入时,输入由客户端过滤器验证。如果用户输入的数据有效,则接受输入,否则根据用户输入的错误输入抛出错误。
网络安全中客户端过滤器和服务器端过滤器之间的区别:
| CLIENT SIDE FILTERS | SERVER SIDE FILTERS |
|---|---|
| The filters are present in client side or browser side. | The filters are present in server side. |
| Client side filters are easy to bypass or tamper. | Server side filters are difficult to tamper or bypass. |
| No load to the server as the browser is performing the input validation checks. | Server recourses are used as the input validation checks are performed in the server itself. |
| Code is written using client side languages like html, java. | Code is written using server side languages like php, c#. |
| Input is first validated by browser and is then forwarded to the server. | Input is forwarded to the server as it is (without the intervention of browsers). |
| Don’t provide much security to data. | Provide better security to data. |
| Response from client side filters are faster since they reside in the user’s browser itself. | Response from server side filters are slower since filter checks are present in server and they are sent back to user’s browser. |