I am making a website,and i don't want users to execute functions in the script from the javascript console.I figured out i can put all of the code into a block scope and declare everything with let.Is this bad practice?
3
-
2No, it's good practice.Teemu– Teemu2022-04-29 08:59:43 +00:00Commented Apr 29, 2022 at 8:59
-
perfectly normal to scope your app, however it's more common to create a new scope with an IIFE instead of a blockAsplund– Asplund2022-04-29 09:01:47 +00:00Commented Apr 29, 2022 at 9:01
-
2I wouldn't say bad practice but I don't think it really works for what you want it. Separate your code into modules and you naturally get isolation from global scope. Yet even then, users can do anything they want with the code - they can put a breakpoint and alter the values at will. Or bypass the code. Or whatever.VLAZ– VLAZ2022-04-29 09:02:48 +00:00Commented Apr 29, 2022 at 9:02
Add a comment
|
1 Answer
It's normal to want to limit the scope of any symbol (variable, function) to prevent unintended use. What you make global or as part of module exports is the 'published interface', anything else is likely to be private.
Immediately-invoked function expressions (IIFE) are a typical way to achieve this.
