The validation controls always perform validation checking in server code. However, if the user is working with a browser that supports DHTML, the validation controls can also perform validation using client script. With client-side validation, any errors are detected on the client when the form is submitted to the server. If any of the validators are found to be in error, the submission of the form to the server is cancelled and the validator's Text property is displayed. This permits the user to correct the input before submitting the form to the server. Field values are revalidated as soon as the field containing the error loses focus, thus providing the user with a rich, interactive validation experience.

Note that the Web Forms page framework always performs validation on the server, even if the validation has already been performed on the client. This helps prevent users from being able to bypass validation by impersonating another user or a preapproved transaction.

Client-side validation is enabled by default. If the client is capable, uplevel validation will be performed automatically. To disable client-side validation, set the page's ClientTarget property to "Downlevel" ("Uplevel" forces client-side validation). Alternatively, you can set an individual validator control's EnableClientScript property to "false" to disable client-side validation for that specific control.

Server Side validation is done to protect your code from a malicious user who might know how to get around your javascripts.Also javascript is not always enabled for all users.