this is for holding javascript data
Alec Aivazis edited untitled.html
over 8 years ago
Commit id: ec31253107bbc720384c18718dc69b2cc487e215
deletions | additions
diff --git a/untitled.html b/untitled.html
index a8da020..b6fe6e1 100644
--- a/untitled.html
+++ b/untitled.html
...
In a single page app, all of the decisions about what view/subview to render occurs on the client. This means that ideally the client would be able to authenticate the currently logged in user on transitions to sensitive pages and access its data without going back to the server. This means that special care needs to be made to protect our application from a malicious user interacting with the developer console present in all modern browsers. One possible security vulnerability is the escalation of a globally stored user user role. This would cause the hacker to view a part of the website that he was they were forbidden to.
to.