I am currently working on developing a MERN stack app (a personal portfolio), and was wondering if it is considered acceptable practice to not check to ensure that the value of string fields is less than or equal to a certain length. In my app I would be performing all database CRUD actions in a try/catch/finally statement, and I would also be parsing all fields. However, after parsing, I am unsure if it would be considered acceptable practice to enter the string provided by the user as the value of the field regardless of the length.
For example, if I had a “description” field, could I just place the value provided by the user regardless of the length? In my app the chances that a user will need to write anywhere close to that much content will be 0%. As a result, I feel like maybe I should ensure that the value the user provides is under or equal to some maximum value. However, I can’t come up with a value that doesn’t feel like I am pulling it out of thin air. Thus, I was wondering if it is okay to just enter the value of a string field regardless of its length, and have the catch in the try/catch/finally statement return an error if the document is too large (which is extremely unlikely to happen)? This way I can have both a nice balance of not having to arbitrarily limit the amount of content the user may wish to include, but also ensure my server/database is secure from overly large content trying to be entered into the database, such as in a DoS attack. However, I am not sure if this is considered good practice in terms of schema design/database administration.
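The explicit check weighed in the question above, as an added example that is not part of the original post: a per-field length cap applied before the database write, compared with relying only on MongoDB's 16 MiB document limit. The field names, cap values and helper names are assumptions, and the JSON byte count only approximates the stored BSON size.

```javascript
// Added example; field names, caps and helper names are assumptions.
const MONGODB_MAX_DOC_BYTES = 16 * 1024 * 1024; // MongoDB's BSON document size limit

// Hypothetical per-field caps, derived from what the UI is meant to hold.
const LIMITS = { title: 120, description: 5000 };

// Returns { ok, errors, value }. Fields not listed in `limits` are dropped.
function validateFields(input, limits = LIMITS) {
  const errors = [];
  const value = {};
  for (const [field, max] of Object.entries(limits)) {
    const raw = input[field];
    if (typeof raw !== "string") {
      errors.push(`${field}: expected a string`);
      continue;
    }
    // .length counts UTF-16 code units, an O(1) check even on huge input.
    if (raw.length > max) {
      errors.push(`${field}: ${raw.length} characters, limit is ${max}`);
      continue;
    }
    value[field] = raw;
  }
  return { ok: errors.length === 0, errors, value };
}

// What "store it and let the database reject oversized documents" accepts.
// JSON size is used as an approximation of the BSON size.
function passesDocumentLimitOnly(input) {
  return Buffer.byteLength(JSON.stringify(input), "utf8") <= MONGODB_MAX_DOC_BYTES;
}

// Constructed sample inputs.
const normal = { title: "Portfolio site", description: "Built with the MERN stack." };
const oversized = { title: "x", description: "A".repeat(1024 * 1024) }; // 1 MiB string

console.log(validateFields(normal).ok);
console.log(passesDocumentLimitOnly(oversized)); // would reach the database
console.log(validateFields(oversized).errors);   // rejected before any write
```

With only the catch block as a guard, every request can still write a document of up to roughly 16 MiB, so the cap is what bounds storage and parsing cost per request.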