I can think of several situations where you can't rely on JavaScript validation.
The browser simply doesn't support it! Although the main desktop browsers support JavaScript, many people view pages using text-only browsers such as Lynx; embedded browsers in small devices such as phones or PDAs; or page viewers built in to other software (eg. help systems in IDEs). Some or all of these may not support JavaScript.Someone is attempting to "crash" or "hack in to" your web application, either maliciously, or through curiosity. Turning off JavaScript and its validation is a great way to try out dangerous mode and parameter combinations. Believe me, this does happen.Someone is using an automated tool to "screen scrape" pages, submit forms in bulk, run acceptance/performance tests on your site or whatever. There are lots of tools to do this sort of thing, and it's usually much simpler not to bother with JavaScript support.The user is a developer who has been testing another site to see how it behaves with JavaScript disabled, and has forgot to turn it back on again.The user is just "ornery", and dislikes JavaScript for some (often imagined) reason.
The bottom line is that you need to make sure that any web site works well, and has no security holes, even if JavaScript is disabled. Relying on JavaScript (or
Java applets, or Flash, etc.) for important features like navigation and validation leaves you wide open to losing visitors, hacking, or both.