Chapter 7. Validating and processing input with the forms API

 

This chapter covers

  • The main concepts of Play’s forms API
  • How to process HTML form submits
  • Generating HTML forms
  • Parsing advanced types and building custom validations

A serious test of any web framework is the way it handles data thrown at it by clients. Clients can send data as a part of the URL (notably the query string), as HTTP request headers, or in the body of an HTTP request. In the latter case, there are various ways to encode the data; the usual ways are submitting HTML forms and sending JSON data.

When this data is received, you can’t trust it to be what you want or expect it to be. After all, the person using your application can shape a request any way they like, and can insert bogus or malicious data. What’s more, all (client) software is buggy. Before you can use the data, you need to validate it.

The data you receive is often not of the appropriate type. If a user submits an HTML form, you get a map of key/value pairs, where both the keys and values are strings. This is far from the rich typing that you want to use in your Scala application.

7.1. Forms—the concept

7.2. Forms basics

7.3. Creating and processing HTML forms

7.4. Validation and advanced mappings

7.5. Summary