Input Validation
Server-side input validation and sanitization using Zod schemas, with server action integration and environment variable validation.
What's Included#
- Zod schema definitions for user input (registration, profile updates)
- Server action integration with safeParse and field-level error reporting
- HTML sanitization for rich text and plain text fields
- URL validation and sanitization
- Environment variable validation at startup with typed access
- TypeScript type inference from Zod schemas
Usage#
Via CLI#
Loading code block...
Via AI Assistant#
Ask your AI assistant:
- "Use the input validation pattern from Bootspring"
- "Apply the Bootspring validation pattern to my project"
Key Considerations#
- Always validate on the server; client-side validation is only for UX
- Use safeParse for graceful error handling and return field-level errors to the client
- Sanitize any HTML content before storage or display, even after validation
- Validate environment variables at application startup to fail fast on misconfiguration
- Share validation schemas between client and server to keep logic DRY
Related Patterns#
- CSRF Protection - Cross-site request forgery prevention
- Security Headers - HTTP security headers
- Server Actions - Server action patterns