This limit does not work for the usual HTML form.
It is only applied to the service terminal, which can contain any number of standard client meters in the page.
1. Can users bypass the client verification, submit illegal data to the server handler?
In the classic ASP, we usually get the data submitted by the server-side method to obtain the data submitted by the client, in the client, using JavaScript verification of the legality, but users can save the client's page to the local The hard disk, then remove the client verification, and point the value of the Action of the form to the server-side handler so that the user can bypass the client to verify.
In ASP.NET, we usually get the data submitted by the server side with paramvalue = txtparm.text, and verify the client via the RequiredFieldValidator, RegulaRexpressionValidator and other form validation controls, do not know if the user has a way to bypass the client's form verification , Use spoofing methods to submit illegal data to the server side. If possible, the client verifies whether these illegal data can be blocked?
2. When there is a client verification, is the server-side verification is also implemented?
