Hello, I am learning Angular 2/4 and ASP.NET. When compiling my client app with lazy loaded modules, each lazy loaded module are bundled apart. That's awesome.
Well, in the context of servers emitting informations for different types of users (admin, user, anonymous for exemple), some modules may be designed to request APIs made for admin. And so, they contain the URLs to these APIs. As every lazy loadable module can be downloaded as easy as a favicon by default, every APIs entries can be discovered. A solution could be to create as many app as the types of users but I wonder if it the server could restrict access to lazy loadable modules based on authorization rules. This way, some URLs could stay hidden. I know that hiding is not a real protection but some people care. If you know a solution, I'd be glad to hear it. As my compiler is configured, it also delivers the sourcemaps for each created bundle. So, It is possible to retrieve which module(s?) is contained in a bundle (based on source file naming). Then, it seems possible to configure the server to restrict access to some bundles based on a policy which manages module access. Is this approach feasible? Thank you, Thomas -- You received this message because you are subscribed to the Google Groups "Angular and AngularJS discussion" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
