在客户端验证中，客户端(网络浏览器)在客户端语言的帮助下验证输入，例如JavaScript.在服务器端验证中，服务器(网络服务器)在服务器端语言的帮助下验证输入，例如

In client side validation, it's the client (webbrowser) which validates the input with help of a client side language, e.g. JavaScript. In server side validation, it's the server (webserver) which validates the input with help of a server side language, e.g. Java.

您永远不应该只进行客户端验证，因为最终用户可以控制结果(因此也可以破解/欺骗).通常，您希望使用客户端验证，因为它提供更快的反馈.最终用户不需要等待表单提交完成，也不需要面对内容一闪而过"的问题.(页面空白，然后重新显示新内容).您想使用服务器端验证来确保提交数据的完整性.最终用户无法控制服务器端验证的结果.

You should never do only client side validation, because the result is controllable (and thus also hackable/spoofable) by the enduser. Usually, you'd like to use client side validation because it gives much sooner feedback. The enduser doesn't need to wait for the form submit being completed and doesn't need to face a "flash of content" (page blanks out and then redisplays with new content). You'd like to use server side validation to ensure the integrity of the submitted data. The enduser has in no way control over the outcome of the server side validation.

在 JSF 的情况下，通过内置 required="true" 属性和标准/自定义验证器的验证总是服务器端.从 JSF 2.0 开始，可以使用内置的 ajaxical 功能提交表单(从而也验证表单).这结合了两个方面的优点:在没有内容闪烁的情况下获得即时反馈以及服务器端验证的稳健性/完整性.

In case of JSF, the validation via built-in required="true" attribute and standard/custom validators is always server side. Since JSF 2.0 it's possible to submit a form (and thus also validate the form) using builtin ajaxical functionality. This combines the best of the two worlds: having instant feedback without flash of content and the robustness/integrity of the server side validation.

• 如何在 JSF 中执行验证，如何在 JSF 中创建自定义验证器