Validation doesn't always work
Opened this issue · 0 comments
petestreet commented
I've made a custom signin/signup form according to the Guide, and stumbled across a common use case when the field-level validation checks don't actually run. On the "Join" page, if you try submitting the form with a valid username set (before filling in the other inputs), and then change the username input to something invalid, it will let you create that user. The re
, minLength
, and required
checks are all not honored.
See a video of it happening here. You can try it for yourself on this demo app, and can view the code running on that app here.
Since a user can basically bypass any validation checks, this seems like a pretty serious issue.