Validation And Sanitization Primer

Daniel Bachhuber, who works with VIP Services, has published a guide covering some key differences between data validation and sanitization. His explanation is not overly technical; even I understood it for the most part. If you’re a developer, definitely give the guide a read and give Daniel some feedback.


  1. That’s a good post! Here’s how I describe the difference:

    Validation ensures that data are in the correct format/type, and within appropriate bounds.

    Sanitization ensures that data are safe, whether it is KSES-type scrubbing of malicious data, or escaping data appropriately for context.


  2. Too bad a comment of mine on that post has been waiting for approval for 5 days now…

