The server owns your domain rules and is considered to the master while the client should really own presentation logic. You can never trust the client. The idea gets a little blurry though when we consider a client where the source is not accessible ie a hybrid mobile application with the source included in the app's distribution.
Raul > On Mar 29, 2014, at 5:52 PM, Alec Taylor <[email protected]> wrote: > > You could always minify it as a way of obscuring your code. > > "Hacking the business logic" though; isn't so bad. Who cares if people know > the regex I use to validate email addresses? > > Any decent Software Engineer can reverse engineer Facebook's feature-set. > Does Facebook care? > > The actual security of user authentication and the data itself on the > otherhand; you should care about. > > Hash+salt all passwords; and encrypt (TLS) all channels between server and > client. > > >> On Sun, Mar 30, 2014 at 8:36 AM, akshit mahajan <[email protected]> >> wrote: >> Hi, >> >> I am very new to angular JS, I read a few posts online that angular JS is >> not a good choice security-vise. >> >> Since all the business logic that is written is present at the client >> end(Browser), any hacker can attempt to hack the business logic easily! >> >> What are the expert's comments/suggestions in this scenario? >> -- >> You received this message because you are subscribed to the Google Groups >> "AngularJS" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at http://groups.google.com/group/angular. >> For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "AngularJS" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/angular. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
