Depending on what "users" the original poster is referring to - if you are selling a server to your clients, using Node does expose all of your server source code to your "users". However, thinking that the traditional method of selling a compiled executable with "sensitive data" compiled and encrypted in it provides security would also be incorrect - anything that's running on a user's machine can be disassembled, debugged, reverse engineered. However, that is much, much more difficult than just reading the source code provided as plaintext with the server, so there is a somewhat legitimate concern there. Best way around it (and may also be good for lots of other business reasons) seems to be to sell them a hosted services where you run the servers =).
On Monday, September 22, 2014 3:16:24 AM UTC-7, Floby wrote: > > Hello, > > I would be very curious to know where you read that Node.js exposes JS > files to the world. I would personally send an e-mail to the authors to let > them know how wrong it is. > > Node.js is a platform that you can script using JavaScript. JavaScript is > the language in which you write your code. This is the only thing in common > it has with web browsers. It executes code on the server. It doesn't even > have to be a server by the way. > > On Thursday, 18 September 2014 18:24:37 UTC+2, Aleksandra Czajka wrote: >> >> I'm looking into Node.js to replace my server side for the next projects >> I work on. One of the greatest benefits of using server side is that >> communication of sensitive data is done from server and not from js files >> that everyone can not only view the static source of, but, also very easily >> trace the communication. I was researching how node.js makes sure that the >> .js files are not visible to users and from what it seems like, they're not >> doing that at all. >> >> So, my question is, what is node.js suggesting we do with the sensitive >> data? I mean, we can surely encrypt the js files, but, why would I want to >> add this complexity? >> > -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/1508af3f-3836-483d-8bca-576a4055d9f4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
