If the field contains an invalid value, the form cannot be submitted for processing until it is corrected.
Try the demo below by entering an invalid email: See the Pen Email Validation Example by Site Point (@Site Point) on Code Pen.
Applications rarely test for Unicode exploits and hence provide the attacker a route of attack.
The issue to remember here is that the application is safe if Unicode representation or other malformed representation is input.
The application responds correctly and recognises all possible representations of invalid characters.
Let’s examine these new form attributes to see how they can aid form validation.
This form attribute indicates what kind of input control to display such as the popular validates the field to ensure the entered data is in fact a valid email address.