Data security plays a vital role in any application's development, as almost everything revolves around data. So it is crucial that we store valid data in the database, ensuring that the data passed on from the user to the application server is safely transmitted; the data reaching the server also should contain valid data (probably having a valid datatype, length, and so on).

We started performing validations using JavaScript in ASP.NET Web Forms initially; sadly, most of the ASP.NET developers in the initial days used JavaScript only for validations. Then we moved onto control-driven validation which wraps up all the scripting inside ASP controls accepting parameters required for validation. Finally, we were exposed to data model-driven validation, which allows developers to configure validation through data annotation, automatically handling both client-side (using jQuery unobtrusive validation) and server-side (using MVC model binder validation).

The Entity Framework (EF) allows us to achieve the same, using annotation/attribute validation, which reduces a lot of coding with respect to security (client-side and server-side validations are simplified due to this requirement). EF provides us with certain built-in validations:

• Required
• EmailAddress
• Compare
• Url
• MinLength
• MaxLength
• RegularExpression

The preceding list briefly covers most of the validators. If you would like to take a look at a complete list of validators, please visit https://msdn.microsoft.com/en-us/library/system.componentmodel.dataannotations(v=vs.110).aspx. Let's take a look at each of the validators listed in detail.