In a new post to his blog Brandon Savage talks about how some of your current validation rules (and restrictions on input values) could be causing blind spots in your application that you don't even know are an issue.
Our blind spots about validation can and do harm real users if they're poorly or incompletely thought out. What might seem like a completely rational limit to us might hurt a real user who needs to exceed that limit, through no fault of their own. How many women are "BETTYJEAN" because their first name "can't" have a space in it?
He makes a few suggestions developers can do to help the situation and get their current project's validation back out into 20-20 vision:
- Accept valid data in any form provided by the user.
- Where possible, use well-developed validation libraries.
- Do not place artificial limits on valid data.
- Do place valid limits on specific data.