Validating the Web: The Evolution of Form Validation

This ad is not shown to multipass and full ticket holders
JSNation US
JSNation US 2025
November 17 - 20, 2025
New York, US & Online
See JS stars in the US biggest planetarium
Learn More
In partnership with Focus Reactive
Upcoming event
JSNation US 2025
JSNation US 2025
November 17 - 20, 2025. New York, US & Online
Learn more
Bookmark
Rate this content

Discover how modern form validation techniques are revolutionizing React development. This talk explores the transition from traditional methods to innovative, unit testing-inspired frameworks that streamline validation logic. Learn how to leverage declarative syntax and framework-agnostic solutions to enhance user experience and maintainability in your React applications. Gain practical insights into managing state and asynchronous validations for robust and scalable solutions.

This talk has been presented at React Summit 2025, check out the latest edition of this React Conference.

FAQ

Form validation is crucial in web applications as it ensures data integrity, enhances user experience, and directly impacts the success of applications by reducing errors and abandonment rates, thus preventing revenue loss.

The introduction of the form tag in HTML2 marked a significant step towards web interactivity by allowing user input, which paved the way for more dynamic and interactive web applications.

Separating validation logic from UI code allows for code reusability across different components, simplifies testing, prevents UI changes from affecting validation logic, and enhances maintainability and readability of code.

VEST simplifies asynchronous validation by allowing validations against external data sources and caching results. It manages pending states and provides immediate feedback to users, enhancing the user experience.

Warning states provide a middle ground between valid and invalid fields, allowing forms to be submitted with non-critical issues while guiding users towards best practices, thus improving user experience without causing frustration.

VEST allows the same validation logic to be used on both client and server sides, ensuring consistency. Validation results can be serialized and shared between client and server, maintaining state and simplifying debugging.

Server-side validation is crucial as it provides an additional layer of security, ensuring that data submitted by users meets the necessary criteria before processing, thus preventing potential security breaches and data integrity issues.

Related fields validation involves ensuring that the validity of one field is dependent on another, such as password confirmation. It is important for maintaining logical consistency and providing a natural user experience.

Luiz Oliveira is a staff engineer at XGeeks who specializes in form validation. More about his work can be found on his website, luizfilipppt.com.

VEST is a validation framework inspired by unit testing paradigms. It simplifies form validation by separating logic from UI code, supports both client and server environments, and offers features like asynchronous validation and warning states, making it flexible and reusable.

Luis Oliveira
Luis Oliveira
20 min
17 Jun, 2025

Comments

Sign in or register to post your comment.
Video Summary and Transcription
Exploring the evolution of web forms from HTML2 to Web 3.0 and the crucial role of form validation in application development. The importance of form validation, challenges, and the need for better approaches. Introducing VEST as a flexible validation tool inspired by unit testing frameworks. Highlighting VEST's logic separation, asynchronous validation, and advanced features like caching. Discussing warning states, user guidance, and the impact of form validation on user experience and application success.

1. Exploring the Evolution of Form Validation

Short description:

Exploring the evolution of web forms from HTML2 to Web 3.0 and the crucial role of form validation in application development.

Hello everyone. I'm thrilled to be with you today to talk about validating the web, the evolution of form validation. Forms might not be the sexiest topic around, but they are where the money happens in our applications, so I'm excited to be here and show you a new approach to form validation. I want to say thanks to the React Team Summit for having me and also for this opportunity.

Before we begin on the topic of this talk, let's take a brief look at how the web evolves. So in the beginning, Sir Tim Berners-Lee and his team invented HTML and launched the first website, giving birth to the World Wide Web. A few years later, from the early nineties till the 2000s, at this point the web was mostly static, but with the introduction of the form tag in HTML2, it changed everything. It was our first real step towards interactivity. From then till 2015, this period transformed into the era of Web 2.0, bringing true interactive experiences through social applications and user-generated content.

For the first time, people were at the center of the web. From then till now, Web 2.0 matured and we began transitioning to Web 3.0, with a higher focus on decentralization, leveraged by blockchain technologies and a greater user ownership of data and digital assets. Taking a glimpse into the future, I think we can all agree that AI and AI integrations will be everywhere and they will fundamentally change the way we interact with the web. What's fascinating in the middle of all of this evolution is how the humble form tag has remained consistently important through all of these stages till the present day.

2. Examining the Complexity of Form Validation

Short description:

The importance of form validation, the challenges it poses, and the necessity for better validation approaches in applications.

I'm Luiz Oliveira, I'm a staff engineer at XGeeks and you can find more about me on my site luizfilipppt.com. By the way, PT does not stand for personal trainer. I don't know why, but I get asked this a lot. It really stands for Portugal, the country where I'm from. This talk was actually inspired by Evitar, whose talk last year completely changed my perspective on form validation, something just clicked when I heard him speak. And I am here today to share some of those insights with you. Evitar is a great person and a great engineer working at Meta. And if you're interested in the React, I highly recommend to follow his work.

Let's be honest. Forms are where the money happens in our applications. They are how users input data, make purchases and interact with our systems. As you can see in the flow diagram appearing on the screen, form validation is far more complex than it first appears. We start with form submission, validate inputs, check if fields are required, validate on the server. By the way, if you're not validating on the server, feel free to leave this talk and come back later, because server validation is crucial for form validation.

Back to the content. So we show error messages, we wait for users to correct input, and this cycle can go on and on. We can repeat this multiple times. And all of these intricate flows create significant challenges, like complex structure requirements that are hard to maintain, ensuring validation consistency across different parts of our applications, managing both client and server-side validations, handling various validation scenarios and edge cases, providing meaningful error messages to our users, and feedback that guides them through the experience. And when forms fail, we literally lose money. Users abandon purchases, applications remain incomplete, and conversion rates plummet. This complexity is exactly why I think we need better approaches to validation.

3. Navigating the Form Validation Landscape

Short description:

An overview of the current form validation landscape, the challenges with existing solutions, and the introduction of VEST as a flexible and powerful validation tool inspired by unit testing frameworks.

Let's just take a look at the current validation landscape, and it can get quite overwhelming. If you look at this npm search result, it says there's over 1,000 packages related to form validation, and this is just the way that npm displays results. There's over 10,000 packages related to form validation. And this tells us two things. One is that form validation is a widespread challenge, the other one, there's no single solution that fits all the needs. There are different validation approaches out there, but probably the most used are schema validation packages and framework validation packages. The first are great for server-side validation and data structures, but they feel a little, I don't know, disconnected from the user experience, since users don't really type into a schema.

The second one, framework-specific, they are great, but they can sometimes feel overly opionated, and they always vendor lock you into some framework or into some pattern. What developers really need is something that's flexible, reusable, and maintainable that can handle complex scenarios without sacrificing developer experience or performance. Let's take a look at VEST. VEST was created by Avatar and takes a new and fresh approach to solving some of these challenges. It was inspired by unit testing frameworks and brings those familiar patterns to validation. It's easy to learn, especially if you have used it just before. It's framework agnostic, smart, powerful features, and performance optimizations out of the box. It's fully reusable across client and server environments, solving the classical duplicate validation problem.

And now I will play a short video that shows the striking similarity between Jest test code and VEST validation code. So we start with Jest, where we use terms like describe, groups, tests, and expect that checks results. Then moving to VEST, describe turns into VEST create, you will see it in the end of the video, and expect becomes enforce, which applies validation rules. VEST also takes an extra parameter in each validation, which is the field name to validate. And of course, the whole validation suit gets the form data to validate. This structure is very similar to Jest, just with a few new details, making the switch easy to understand. And this familiar approach means that we can get up to speed quickly, and our validation logic becomes clear and maintainable.

4. Understanding VEST's Validation Logic Separation

Short description:

Exploring VEST's feature of separating validation logic from UI, its benefits in reusability, independence from UI changes, and simplifying testing. Highlighting asynchronous validation for interacting with external data sources like servers and the ease of use with VEST's features.

Just like tests, our validations now express exactly what we expect from data. Let's take a look at one of VEST's features, how cleanly it separates validation logic from your UI code. Let's take a look at this code example to understand why this matters. As we can see, we have distinct, clearly separated sections. We have our validation suit, where we import VEST course functions, create, test, and enforce. We define our validation logic in a completely UI agnostic way. And our password validation rule simply states password must be at least eight characters long.

Below that, in a separate component file, we manage form state with the react's use state. We run the validation against our current form data. We render our UI component with the form fields. And we display errors when the validation fails. So this separation gives us several major benefits. Our validation logic lives completely independently from UI concerns. You can reuse the same validation across different components or even different platforms. Changes to the UI won't affect your validation rules, and testing becomes dramatically simpler since the validation logic is fully isolated.

New team members can quickly get up to speed and understand validation requirements without having to dig through UI code. In complex applications, this separation becomes even more valuable as complexity grows. Now, let's take a look at one of my favorite VEST features, asynchronous validation. In real-world applications, we often need to validate against external data sources, like say, for example, a server. One classical example of this is checking if a username is available or if it's already taken. If we look at this example code, VEST makes async validation surprisingly straightforward. On the left, we have our validation code with two key features. We have the only, which is the only keyword function, which receives the current field and allows us to validate just a single field at a time, which is perfect for those on-blur validations.

5. Exploring VEST's Advanced Validation Features

Short description:

Examining VEST's caching mechanism for asynchronous validation, shared validation logic between client and server, and the ease of maintaining validation state across environments.

Second, look at test.memo, which caches the result of the call to the server or any external data source and only reruns this validation when that value changes. In our foreign component below, we use suit.isPending. We pass it the field name so that we can easily get a loading state that lets us provide immediate user feedback while the async validation completes. VEST handles all the complexity of managing pending states, caching results, and assuring validations run in parallel when possible. Users get immediate feedback and the code stays clean and maintainable.

The UI example on the right shows what the user will experience. When they type a username, they see the validation happening in real time, including the check against the external data source. If the value is in VEST cache already, then the validation is instant. The video is in the loop, but you can notice that the first time that pith and ptr values are checked, a loader pops up while the check is happening. But the second time that these values appear on the input, the feedback is immediate.

Another powerful VEST feature is the ability to share the validation logic between your client and server code while maintaining the validation state across them. Let's take a look at yet another code example. We have our shared validation logic that's used in both environments. In this case, we have a simple username validation that checks if it's empty, and then the same validation suit is imported and used in both client and server codes. In our server, we receive foreign data from a post request. We run the validation suit against the data. We serialize the result of the entire validation state to JSON and send it to the client. Then, in our client code, we have a React component responsible for managing state. When we receive the server response, we use it to restore the validation state, and this allows us to pick up exactly where we left off on the server.

6. Unveiling VESC's Warning States and User Guidance

Short description:

Discussing the versatility of VESC patterns for validation logic consistency, warning states, and user-friendly experiences.

This pattern is incredibly useful for several different use cases. Client-server validation, where we validate critical data on both sides using the same rules. Persistency, we can save the validation state between user sessions or steps in multiple step forms. For debugging, since you have the full validation state when troubleshooting, debugging becomes a lot more easy. This approach solves one of the most frustrating problems in development and in foreign validation, which is keeping the validation logic consistent across the stack.

With VESC, we can write our validation code once and use it everywhere. Let's now take a look at yet another VESC feature. Warning states. Sometimes we need more than a simple pass-fail validation. VESC introduces a powerful concept called a warning state that gives us a middle ground between valid and invalid fields. Taking a look at this code example, in the validation suit above, we are using the warn keyword, the warn function. Inside our password test, and this simply says that we want this password to have a number, but it's not a hard requirement. We suggest adding the number to strengthen the password.

In the component below, we get both errors and warnings. We can join them together to display all the messages to the user. But if the form only has warnings, it can still be submitted. If it has errors, they block submission. And in the demo video, you see how this creates a much better user experience. Instead of blocking submissions for non-critical issues, we can guide users towards better practices without actually frustrating them. We can create progressive validation experiences. We can implement things like password strength indicators. We can suggest improvements while still allowing submission. We can also differentiate between must fix and should consider fixing. And the subtle distinction between errors and warnings creates a more nuanced, user-friendly experience. All of these things respect our users' time while still encouraging best practices.

7. Exploring Form Validation Challenges

Short description:

Discussing the importance of warning states in form validation, related field validation, and its impact on user experience.

Just think, how many times have you abandoned a form because of some overly strict validation? It probably has happened to you before, and warning states help to mitigate that problem. Another common challenge in form validation is handling related fields validation. That means that one field's validity depends on another one. A classical example, the one I bring here, is password confirmation fields.

So taking a look at the code example, we have our standard pass validations at top, require length check, and then the highlighted section shows a powerful pattern bypassed using skip when. We tell vest to skip the validation of the confirmation field until the user has actually start typing in it. Then we validate that the confirmation matches the password. And this pattern creates a more natural user experience. We don't want to show confirmation errors before the user has even started typing on the confirmation.

The form on the left shows what the user's with experience. They can fill out their username and password first, and only when they start typing into the confirmation field does vest begin to validate that relationship between the fields. But password confirmation is not the only example. There are several common use cases where this related field validation is important. State ranges, where an end date must be after a start date. Address validations where a zip code must match a city or a state. Quantity fields where a minimum order must be less than some maximum number. Multistep forms with dependencies between the steps.

8. Emphasizing the Significance of Form Validation

Short description:

Highlighting the significance of form validation in user interactions, emphasizing its impact on the success of applications and the importance of Trivest for enhanced validation experiences.

So vest makes all these relationships easy to express and maintain while keeping our validation logic clear even as complexity grows. As we wrap up today, I want to leave you with a few key thoughts about form validation. Forms are truly our heaviest connection to the users. They are how users interact with our applications in the most direct and meaningful way. When we create forms, we're creating conversations between our applications and our users.

And let's be honest once more. Forms are the money makers of our applications. They are how users sign up, make purchases, submit information, and convert to become loyal users of our products and applications. So when form experiences are poor, we are losing money. Literally losing money. Users abandon our applications. They leave our products. That's why form validation deserves our love and attention. It's not just a technical requirement.

It's a critical part of the user experience that directly impacts the success of our applications. Trivest takes a fresh take on this challenge by bringing those familiar testing paradigms to validation. It makes our code, like I showed, more maintainable, our validation logic more isolated, therefore more reusable, and overall the user experiences get better. I encourage you to try Trivest in your next project. Either you're building a simple contact form or a multi-step complex form in some complex application, I truly believe that a fast approach can help you create better validations with less effort. Try it and come back to me and give me feedback.

So as I end this talk, I want to thank you all for joining me. I hope you have found some useful insights to take back to your own projects. One last thing, I will be attending the Live React Summit event in Amsterdam, so if you're going to be there, I would love to connect in person. Whether you want to dive deeper into React development or you just want to grab a drink and chat, please feel free to reach out. You have all the ways to reach to me in my site. Thanks again for your attention. I hope to see you in Amsterdam. Thank you.

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

Network Requests with Cypress
TestJS Summit 2021TestJS Summit 2021
33 min
Network Requests with Cypress
Top Content
Cecilia Martinez, a technical account manager at Cypress, discusses network requests in Cypress and demonstrates commands like cydot request and SCI.INTERCEPT. She also explains dynamic matching and aliasing, network stubbing, and the pros and cons of using real server responses versus stubbing. The talk covers logging request responses, testing front-end and backend API, handling list length and DOM traversal, lazy loading, and provides resources for beginners to learn Cypress.
Testing Pyramid Makes Little Sense, What We Can Use Instead
TestJS Summit 2021TestJS Summit 2021
38 min
Testing Pyramid Makes Little Sense, What We Can Use Instead
Top Content
Featured Video
Gleb Bahmutov
Roman Sandler
2 authors
The testing pyramid - the canonical shape of tests that defined what types of tests we need to write to make sure the app works - is ... obsolete. In this presentation, Roman Sandler and Gleb Bahmutov argue what the testing shape works better for today's web applications.
Full-Circle Testing With Cypress
TestJS Summit 2022TestJS Summit 2022
27 min
Full-Circle Testing With Cypress
Top Content
Cypress is a powerful tool for end-to-end testing and API testing. It provides instant feedback on test errors and allows tests to be run inside the browser. Cypress enables testing at both the application and network layers, making it easier to reach different edge cases. With features like AppActions and component testing, Cypress allows for comprehensive testing of individual components and the entire application. Join the workshops to learn more about full circle testing with Cypress.
Test Effective Development
TestJS Summit 2021TestJS Summit 2021
31 min
Test Effective Development
Top Content
This Talk introduces Test Effective Development, a new approach to testing that aims to make companies more cost-effective. The speaker shares their personal journey of improving code quality and reducing bugs through smarter testing strategies. They discuss the importance of finding a balance between testing confidence and efficiency and introduce the concepts of isolated and integrated testing. The speaker also suggests different testing strategies based on the size of the application and emphasizes the need to choose cost-effective testing approaches based on the specific project requirements.
Playwright Test Runner
TestJS Summit 2021TestJS Summit 2021
25 min
Playwright Test Runner
Top Content
The Playwright Test Runner is a cross-browser web testing framework that allows you to write tests using just a few lines of code. It supports features like parallel test execution, device emulation, and different reporters for customized output. Code-Gen is a new feature that generates code to interact with web pages. Playwright Tracing provides a powerful tool for debugging and analyzing test actions, with the ability to explore trace files using TraceViewer. Overall, Playwright Test offers installation, test authoring, debugging, and post-mortem debugging capabilities.
Everyone Can Easily Write Tests
TestJS Summit 2023TestJS Summit 2023
21 min
Everyone Can Easily Write Tests
Playwright is a reliable end-to-end testing tool for modern web apps that provides one API, full isolation, fast execution, and supports multiple languages. It offers features like auto-weighting, retrying assertions, seamless testing of iframes and shadow DOM, test isolation, parallelism, and scalability. Playwright provides tools like VS Code extension, UiMode, and Trace Viewer for writing, debugging, and running tests. Effective tests prioritize user-facing attributes, use playwright locators and assertions, and avoid testing third-party dependencies. Playwright simplifies testing by generating tests, providing code generation and UI mode, and allows for easy running and debugging of tests. It helps in fixing failed tests and analyzing DOM changes, fixing locator mismatches, and scaling tests. Playwright is open source, free, and continuously growing.

Workshops on related topic

Designing Effective Tests With React Testing Library
React Summit 2023React Summit 2023
151 min
Designing Effective Tests With React Testing Library
Top Content
Featured Workshop
Josh Justice
Josh Justice
React Testing Library is a great framework for React component tests because there are a lot of questions it answers for you, so you don’t need to worry about those questions. But that doesn’t mean testing is easy. There are still a lot of questions you have to figure out for yourself: How many component tests should you write vs end-to-end tests or lower-level unit tests? How can you test a certain line of code that is tricky to test? And what in the world are you supposed to do about that persistent act() warning?
In this three-hour workshop we’ll introduce React Testing Library along with a mental model for how to think about designing your component tests. This mental model will help you see how to test each bit of logic, whether or not to mock dependencies, and will help improve the design of your components. You’ll walk away with the tools, techniques, and principles you need to implement low-cost, high-value component tests.
Table of contents- The different kinds of React application tests, and where component tests fit in- A mental model for thinking about the inputs and outputs of the components you test- Options for selecting DOM elements to verify and interact with them- The value of mocks and why they shouldn’t be avoided- The challenges with asynchrony in RTL tests and how to handle them
Prerequisites- Familiarity with building applications with React- Basic experience writing automated tests with Jest or another unit testing framework- You do not need any experience with React Testing Library- Machine setup: Node LTS, Yarn
Detox 101: How to write stable end-to-end tests for your React Native application
React Summit 2022React Summit 2022
117 min
Detox 101: How to write stable end-to-end tests for your React Native application
Top Content
Workshop
Yevheniia Hlovatska
Yevheniia Hlovatska
Compared to unit testing, end-to-end testing aims to interact with your application just like a real user. And as we all know it can be pretty challenging. Especially when we talk about Mobile applications.
Tests rely on many conditions and are considered to be slow and flaky. On the other hand - end-to-end tests can give the greatest confidence that your app is working. And if done right - can become an amazing tool for boosting developer velocity.
Detox is a gray-box end-to-end testing framework for mobile apps. Developed by Wix to solve the problem of slowness and flakiness and used by React Native itself as its E2E testing tool.
Join me on this workshop to learn how to make your mobile end-to-end tests with Detox rock.
Prerequisites- iOS/Android: MacOS Catalina or newer- Android only: Linux- Install before the workshop
API Testing with Postman Workshop
TestJS Summit 2023TestJS Summit 2023
48 min
API Testing with Postman Workshop
Top Content
WorkshopFree
Pooja Mistry
Pooja Mistry
In the ever-evolving landscape of software development, ensuring the reliability and functionality of APIs has become paramount. "API Testing with Postman" is a comprehensive workshop designed to equip participants with the knowledge and skills needed to excel in API testing using Postman, a powerful tool widely adopted by professionals in the field. This workshop delves into the fundamentals of API testing, progresses to advanced testing techniques, and explores automation, performance testing, and multi-protocol support, providing attendees with a holistic understanding of API testing with Postman.
1. Welcome to Postman- Explaining the Postman User Interface (UI)2. Workspace and Collections Collaboration- Understanding Workspaces and their role in collaboration- Exploring the concept of Collections for organizing and executing API requests3. Introduction to API Testing- Covering the basics of API testing and its significance4. Variable Management- Managing environment, global, and collection variables- Utilizing scripting snippets for dynamic data5. Building Testing Workflows- Creating effective testing workflows for comprehensive testing- Utilizing the Collection Runner for test execution- Introduction to Postbot for automated testing6. Advanced Testing- Contract Testing for ensuring API contracts- Using Mock Servers for effective testing- Maximizing productivity with Collection/Workspace templates- Integration Testing and Regression Testing strategies7. Automation with Postman- Leveraging the Postman CLI for automation- Scheduled Runs for regular testing- Integrating Postman into CI/CD pipelines8. Performance Testing- Demonstrating performance testing capabilities (showing the desktop client)- Synchronizing tests with VS Code for streamlined development9. Exploring Advanced Features - Working with Multiple Protocols: GraphQL, gRPC, and more
Join us for this workshop to unlock the full potential of Postman for API testing, streamline your testing processes, and enhance the quality and reliability of your software. Whether you're a beginner or an experienced tester, this workshop will equip you with the skills needed to excel in API testing with Postman.
Monitoring 101 for React Developers
React Summit US 2023React Summit US 2023
107 min
Monitoring 101 for React Developers
Top Content
WorkshopFree
Lazar Nikolov
Sarah Guthals
2 authors
If finding errors in your frontend project is like searching for a needle in a code haystack, then Sentry error monitoring can be your metal detector. Learn the basics of error monitoring with Sentry. Whether you are running a React, Angular, Vue, or just “vanilla” JavaScript, see how Sentry can help you find the who, what, when and where behind errors in your frontend project. 
Workshop level: Intermediate
Testing Web Applications Using Cypress
TestJS Summit - January, 2021TestJS Summit - January, 2021
173 min
Testing Web Applications Using Cypress
Top Content
Workshop
Gleb Bahmutov
Gleb Bahmutov
This workshop will teach you the basics of writing useful end-to-end tests using Cypress Test Runner.
We will cover writing tests, covering every application feature, structuring tests, intercepting network requests, and setting up the backend data.
Anyone who knows JavaScript programming language and has NPM installed would be able to follow along.
Best Practices for Writing and Debugging Cypress Tests
TestJS Summit 2023TestJS Summit 2023
148 min
Best Practices for Writing and Debugging Cypress Tests
Top Content
Workshop
Filip Hric
Filip Hric
You probably know the story. You’ve created a couple of tests, and since you are using Cypress, you’ve done this pretty quickly. Seems like nothing is stopping you, but then – failed test. It wasn’t the app, wasn’t an error, the test was… flaky? Well yes. Test design is important no matter what tool you will use, Cypress included. The good news is that Cypress has a couple of tools behind its belt that can help you out. Join me on my workshop, where I’ll guide you away from the valley of anti-patterns into the fields of evergreen, stable tests. We’ll talk about common mistakes when writing your test as well as debug and unveil underlying problems. All with the goal of avoiding flakiness, and designing stable test.