First point: web is insecure; Second point: the only way to keep your business logic secure is to keep it in the SERVER side. Third point (optional): use Angular for presentation only. Is what I do.
Best regards, 2014-03-30 11:40 GMT-03:00 Jeremy Likness <[email protected]>: > Angular is no different than any other browser-based technology. It is > completely your choice to decide much logic runs at the client vs. the > server and what trade-offs you are willing to make. > > What "business logic" is it you think will be hacked? Do you have a > tangible example? For example, if your company has some special algorithm > for determining how many widgets are going to be sold over the next two > weeks, there is nothing in Angular to prevent you from hosting that > algorithm on your server and just exposing the result as a web service end > point. Angular's interceptors give you control over headers for > authentication and to avoid cross-site forgery, etc. so I'm not sure I buy > the argument that it is any less secure than the web in general, and if > anything I'd say it supports making your apps more secure. > > Jeremy > > > On Saturday, March 29, 2014 5:36:32 PM UTC-4, akshit mahajan wrote: >> >> Hi, >> >> I am very new to angular JS, I read a few posts online that angular JS is >> not a good choice security-vise. >> >> Since all the business logic that is written is present at the client >> end(Browser), any hacker can attempt to hack the business logic easily! >> >> What are the expert's comments/suggestions in this scenario? >> > -- > You received this message because you are subscribed to the Google Groups > "AngularJS" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/angular. > For more options, visit https://groups.google.com/d/optout. > -- José Ricardo Borba -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
