Hi, It seems like there's a misconception here.
Node.JS does run the JS files you write in a process running on server side. Using JS for programming doesn't mean they'll be transferred to the browser to run them. If I understand you well, so, your issue doesn't really exist. What you really expose to the public world is an API from Node.JS to use it. If you're serving public client-side JS files, they shouldn't contain any sensitive information, they'll just include how to represent things on a browser. Regards, Ahmed On Thursday, September 18, 2014 7:24:37 PM UTC+3, Aleksandra Czajka wrote: > > I'm looking into Node.js to replace my server side for the next projects I > work on. One of the greatest benefits of using server side is that > communication of sensitive data is done from server and not from js files > that everyone can not only view the static source of, but, also very easily > trace the communication. I was researching how node.js makes sure that the > .js files are not visible to users and from what it seems like, they're not > doing that at all. > > So, my question is, what is node.js suggesting we do with the sensitive > data? I mean, we can surely encrypt the js files, but, why would I want to > add this complexity? > -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/5df39e5d-d25a-4173-9999-c2032d9422f6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
