I am storing some sensitive data on javascript side. How can I prevent user from tampering these data. I can not do this on server side with ajax or anything else, as smoothness of the animation concerned.
4
-
is it possible anyway to control other's browser???Sougata Bose– Sougata Bose2014-10-28 11:36:38 +00:00Commented Oct 28, 2014 at 11:36
-
How do you cram so much "wrong" into so such a short sentence...? Don't store sensitive data client-side - it's that simple!Emissary– Emissary2014-10-28 11:38:09 +00:00Commented Oct 28, 2014 at 11:38
-
Store "sensitive data" on javascript side? IMO both concepts together on a sentence are wrong.albciff– albciff2014-10-28 11:41:27 +00:00Commented Oct 28, 2014 at 11:41
-
@Emissary: Seems like you've edited the comment - it looked like you were critiquing the grammer.Ian– Ian2014-10-28 11:43:52 +00:00Commented Oct 28, 2014 at 11:43
Add a comment
|
1 Answer
Make your JavaScript inaccessible to someone using function scope etc. This isn't perfect but it can certainly make things a lot harder. For example, if you define:
var f = function() { return "test"; }
f();
Then it's easy to call window.f()
If instead you define as a self invoking function then you've just made it much more difficult for someone to call:
(function() {
return test;
})();
This principle can then be extended - any variables defined within the function, will only have scope within it making it very difficult (but probably not impossible) to get hold of them.
