this is for holding javascript data
Alec Aivazis edited It_s_clear_that_an__.html
over 8 years ago
Commit id: 26269ac59bb54a0eaba7e74836d4f4f46d1f994b
deletions | additions
diff --git a/It_s_clear_that_an__.html b/It_s_clear_that_an__.html
index 221c7cd..3c2b84a 100644
--- a/It_s_clear_that_an__.html
+++ b/It_s_clear_that_an__.html
...
It's clear that an ideal SPA will have
Since we need a way of reading the local performing authenticationdata for use by the application logic in order to authorize on the rendering of a particular view. However, client, special care needs to be made to prevent someone protect our application from a malicious user interacting with the developers developer console present in all modern browsers. One possible security vulnerability is the escalation of a globally stored user user role. This would cause the hacker to be able to change view a part of the local authentication data in order website that he was forbidden to. Also, I just want to gain access make it clear: even if a perfect solution is found for this vulnerability, server endpoints still need to restricted parts of verify the request. The client can never be trusted and performing crypto on the code by elevating their permissions.
browser is a bad idea.