Love them or hate them, the humble CAPTCHA is a tried and trusted approach to mitigating spam content from infiltrating your beautifully crafted application and flooding it with adverts selling all kinds of nefarious goods. Whilst their effectiveness is debatable and the frustration that they bring about in some high, they are relatively simple to use and catch the bulk of user defined content one would want to filter from their site.
I'm a fan of the Data Annotation Validation attributes to validate user input on both the client and server side for ASP.NET MVC applications. I'm also a fan of Inversion of Control and Dependency Injection to create loosely coupled and flexible applications. There are certain situations where one would wish to inject services into a validation attribute to use during validation; a (somewhat contrived and security cautious) example of this might be providing the user with a <select> element and ask them to choose an option from it and then validate that the option that they have chosen is one that actually exists for the type of items represented in the dropdown. Sure, the RemoteAttribute would allow you to call a server side method via AJAX to perform validation but it does not provide any server side validation, making it more of a convenience solution than a complete and robust one. What would be good is if we could
- provide services to a validation attribute that could be used in the process of validation
- Not have to explicitly resolve services from the container à la the Service Locator (Anti-)Pattern