8 Aug 2012 2:06 AM #16
Incorrect, you should always have Server Side protection/validation/encoding/decoding etc to ensure that the data that’s being sent or received by the client is as you require/is to the specification you impose.
You are right to say there is no single way to encode, the dev must come up with the correct method to suite the data.
You are also (sort of) right to say that having multiple methods is an overhead. A simple condition check (server side) is all that’s needed to determine if the data being sent from the client is to spec.
Remember, you should always have both client and server side protection/validation/encoding/decoding etc in applications. The client can “NEVER” be trusted, therefore the last bastion of protection and control is the server.
The Server is under your control, the Client is not.