Skip to main content
California Department of Education Logo

Web Application Development Standards

Web applications developed for the California Department of Education (CDE) must adhere to specific standards pertaining to security, consistency, functionality, and look and feel.

The following Web Application Development Standards are divided into two sections, “All Web Applications,” which apply to ALL Web applications, and “CDE Web Applications Only,” which apply only to those applications that are considered to be part of the CDE’s own Web sites. Usually, CDE Web applications have the look and feel that is the same as the CDE Web site.

Visit the CDE Web Standards to determine if these standards apply to a specific Web product and to determine which other Web standards might apply.

All Web Applications

General Standards

Applications must meet the following general standards:

  • Must be easy and intuitive to use for the target audience.
  • Must function in a logical manner for the target audience.
  • Must use styles that are consistent throughout the application and within the associated Web site, including:
    • The use of capitalization (e.g., title case vs. sentence case).
    • The use of punctuation (e.g., use of colons on labels).
    • Error messages must appear in a consistent location and style.
    • The use of Web document notations (e.g., PDF, DOC, etc.).
    • Layout/spacing (e.g., the space between a field label and input control).
    • Descriptive metadata titles.
  • Must adhere to industry best practices. 
  • Form controls that are not available must be hidden.
Development Technology, Programming Language, and Web Server Software

Web applications require the use of the following (or higher) technologies:

  • Microsoft ASP.Net 4.5
  • Microsoft Visual Studio 2012 development environment
  • Microsoft Visual Basic 2015 server-side programming language
  • Microsoft IIS 8.0 Web server software
Minimum Browser Standards

Web applications must function and display properly in the browser versions that are listed on the Minimum Web Browser Requirements page, and all subsequent browser releases up through the current public release version.

Application Testing

Web applications and sites must be thoroughly tested in all required browser versions.

Web applications and sites must be thoroughly tested in screen resolutions of 800 x 600 and 1024 x 768. Applications and sites must not require horizontal scrolling when viewed with 1024 x 768 resolution.

Tables for Layout

Tables used for the purpose of positioning content on a Web page are not allowed.  The only exception is the use of layout tables for .NET radio button and checkbox control lists.  Refer to the Design Standards for the CDE Internet and Intranet Web sites or the External Web Page and Application Design Standards for more information.


Every Web page in the application must have one or more links or control buttons that allow a user to navigate back and forth within the application without having to use the back button or other browser navigation functionality.

Validation of Form Input Fields

Form fields must be validated to ensure required fields are completed, numeric fields have numeric data, and data input is properly formatted (e.g., e-mail address).

Exception Handling in Server-side Code

Code exceptions must be handled in a user-friendly manner by displaying a custom error page that does not display information such as database object names or source code. ASP.Net applications must use <customErrors mode=”RemoteOnly”> in the web.config file so detailed errors are not displayed to the user.

Input Buttons

Use standard input/submit buttons instead of image buttons.  For example, do not use the IMG tag with surrounding A HREF and JavaScript for an input button, such as:

<a href="javascript:document.form_name.submit();"><img src="image_name.extension"></a>

The HTML Label Tag

The HTML Label tag must be used to associate a text description to a form field.

HTML Code Validation

The HTML code in all Web applications must be valid via a reputable validation technique, such as W3C External link opens in new window or tab. or by using the HTML Validator Firefox add-on External link opens in new window or tab..

Input Textbox Display Width

Textbox input controls in a Web form must have properties set for display width and maximum input characters.

Javascript Usage

The use of Javascript is allowed for client-side data validation and manipulation as long as the script is invoked as a result of a user action (i.e., button selection, dropdown selection, movement to another form field, etc.).


AJAX elements can be included as long as there is an equivalent non-AJAX alternative that produces the same results or provides the same functionality.

System/Application Names

System/application names should describe the purpose of the system. They should not include reference to previous systems or terms related to the development of the system. For example, do not use terms in system titles, such as:

  • Change
  • Update
  • Project
  • Redevelopment
  • Redesign, or
  • Replacement

Items Specific to the Required CDE Development Environment (i.e., ASP.Net, Visual Basic, SQL Server)

Post Compiled DLLs Only

ASP.Net code-behind files (e.g., .aspx.vb) must not be posted to a production Web server. Instead the code-behind files must be compiled into DLL files using Visual Studio's Publish feature.

Database Standards

Microsoft SQL Server 2008 is required if a database is used.  Additionally, the following requirements apply to all database-backed Web applications.

  • Use Microsoft SQL Server database objects (stored procedures, views, functions, etc.) when the application accesses the database to prevent any potential application security vulnerabilities. 
  • The application SQL Server login must be granted the minimum rights to execute or select the necessary database objects to communicate with the database (i.e., execute on a specific stored procedure.)
  • The application SQL Server login cannot have direct access (read, insert, update, etc.) to database tables.

CDE Web Applications Only

Mixed-case Filenames

Source files for Web applications may contain mixed-case filenames.  However, when linking or redirecting to files, specify lowercase filenames to ensure compliance with the filename section of the Web Design Standards.

System-wide CSS and Header/Footer Include Files

System-wide CSS, header/footer include, and image files must be used for Web applications hosted on CDE Web servers. See the Layout and Formatting Section of the CDE Web Design Standards for more information.

Last Modified Date

Use of the term “Last Modified” is not allowed in CDE Web applications because this term is reserved for exclusive use on the main CDE Internet Web site. Also, the term does not clearly indicate WHAT was modified.  However, dates can be relevant if the Web page displays date-sensitive information, or where the report date may be valuable to users.  Examples of appropriate dates on Web application pages include:

  • Report run on November 18, 2008
  • Data updated on November 18, 2008
Compiling the Web Application to be Updatable

When compiling an ASP.NET Web application in Microsoft Visual Studio, the application must be compiled as updatable. To accomplish this, when publishing the Web application, select the checkbox entitled "Allow this precompiled site to be updatable." This approach ensures that the application code will continue to reference the system-wide include, css, and image files on the hosting server.

Questions:   Web Services Office |
Last Reviewed: Friday, April 10, 2020
Recently Posted in Department Information
  • Automated testing examples (added 07-Aug-2020)
    This page is created to provide examples of various errors that can be located through automated testing.
  • Access for All Branch (added 07-Jul-2020)
    This web page describes the Access for All Branch as part of the CDE organization and lists its divisions.