The TextBox control offers a MaxLength property, which allows the insertable text into that TextBox be clientside limited to the specified amount of chars.
My questions:
- Is this property only client-side and
therefore browser-pedendent? - Can I rely on the fact, that the
Text property contains no text longer than
MaxLength is set (only for the
DisplayModes named in the MSDN
article) or do I manually have to
perform a TextBox.Text.SubString(0,
DesiredMaxLength)
? - How does all this
behave with disabled java-script?
It does not depend on javascript but that does not make it safe.
Anyone can still post a request using javascript (XmlHttpRequest for example) or just craft a request to send more data than the max-length specification. It’s a good way to stop a normal user from over populating a field but it is something you need to double check on the server anyway.