I don't think that the security concerns are any more of an issue than they are with any other platform (including one you build yourself). If you have a JS api on the client side which is somewhat capable, it's going to be an issue.
On Wed, Apr 11, 2012 at 9:46 AM, Joshua Cohen <[email protected]> wrote: > It's an interesting concept, and certainly impressive from a > technological perspective in many respects. That being said, it seems > so prone to exploit on a number of levels. They had to take down the > demo that was running last night because someone had the bright idea > of basically inserting items in an infinite loop via the console which > seemed to cause stability issues on the server side. > > I'm sure they have mechanisms in place to abate these concerns, but I > wonder if you'll end up spending more time on those than you would > save on the aspects that Meteor is designed to speed up (sync'ing, > real time updates, etc.). Also, messing up real time sync'ing doing it > by hand means there's most likely a harmless (from a data consistency > standpoint) bug in your app. Messing up the protections around client > side data access mean that someone gets access to data they shouldn't > (or worse, can write data they shouldn't!). > > On Wed, Apr 11, 2012 at 7:50 AM, Bradley Meck <[email protected]> > wrote: > > Very interesting, but im worried about XSS attacks and form refreshes > since > > it is automatically sharing/refreshing parts of the page. > > > > > > On Wednesday, April 11, 2012 2:16:28 AM UTC-5, Nikolay Yasinskiy wrote: > >> > >> meteor.com/screencast > >> meteor.com/examples > > > > -- > > Job Board: http://jobs.nodejs.org/ > > Posting guidelines: > > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > > You received this message because you are subscribed to the Google > > Groups "nodejs" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to > > [email protected] > > For more options, visit this group at > > http://groups.google.com/group/nodejs?hl=en?hl=en > > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > -- chrisrhoden -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
