javascript - Mechanism problem with front-end password verification?

The keyup form event reads the character content of the input box. .

Question: How is the security? Is the change event allowed? How do you do it?

Modification 1: The security I understand refers to how jq's keyup or change reads the characters that identify the input. What is the mechanism inside? Since it can be read by the front end, does it mean it can be intercepted? Or is it recognized internally by the browser? Puzzled

Reply content:

The keyup form event reads the character content of the input box. .

Question: How is the security? Is the change event allowed? How do you do it?

Modification 1: The security I understand refers to how jq's keyup or change reads the characters that identify the input. What is the mechanism inside? Since it can be read by the front end, does it mean it can be intercepted? Or is it recognized internally by the browser? Puzzled

I don’t know what security you are talking about. Does it mean the ability to ensure site security through front-end verification of user input?

For the server side, the correct approach is that all parameters passed in by the front end should not be trusted. In other words, no matter how strict and reasonable the front-end verification of user input is, when it is passed to the server, the server will re-verify the incoming data. Or you can understand that the purpose of front-end verification is not to protect site security, but its main purpose is to serve users and improve user experience.

keyup, change, blur, etc. are all used in the actual development process. The specific event chosen for monitoring depends on your specific verification purpose. keyup is more real-time than change and blur, and can quickly verify or judge user input. For example, if you set a login password in the registration form, you can quickly judge the password strength by monitoring the event and display it to the user to remind the user to increase the password strength. But real-time performance may not be the best, let’s take the registration form as an example. When verifying whether the user account name exists, if you listen to keyup and make a judgment as soon as the user presses the key, the front-end page will send a large number of requests to the server during the user input process, which will cause a large impact on the server side. It causes unnecessary pressure, consumes a lot of client resources, and even makes form verification uncontrollable. At this time, it is more reasonable to monitor the change or blur event.

I don’t know what aspect of security the questioner refers to?

The keyup form event reads the character content of the input box. Is this talking about front-end js monitoring?

In fact, when it comes to front-end security, as long as the front-end is considered completely unsafe and any illegal input may occur, then the entire website will be safe.