Unless someone has access to the server, they should not be able to view the server's source at all.
If you are finding that your files are being transmitted, I would look at how you are setting up your server. Either the reverse proxy you are using is serving your whole application directory, or your Node application is serving all the files in the current directory, not just limiting itself to your public folder. On Thursday, September 18, 2014 11:24:37 AM UTC-5, Aleksandra Czajka wrote: > > I'm looking into Node.js to replace my server side for the next projects I > work on. One of the greatest benefits of using server side is that > communication of sensitive data is done from server and not from js files > that everyone can not only view the static source of, but, also very easily > trace the communication. I was researching how node.js makes sure that the > .js files are not visible to users and from what it seems like, they're not > doing that at all. > > So, my question is, what is node.js suggesting we do with the sensitive > data? I mean, we can surely encrypt the js files, but, why would I want to > add this complexity? > -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/a6124f3f-e3eb-4446-8a5e-eeb1a3592f62%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
