Backbone.js的安全性 [英] Backbone.js Security
问题描述
我正在学习Backbone.js的那一刻,很抱歉,如果我的问题是nooby :-P
i am learning Backbone.js at the moment, so sorry if my question is nooby :-P
在我的节目,我检查我的数据在服务器端是正确的,等等...但我想知道如果用户更改了存储在萤火使用控制台例如模型中的数据会发生什么,并尝试.save()或.fetch()。
in my program i check my data at server-side to be correct and etc ... but i was wondering what will happen if users change the data stored in models using Console in FireBug for example and try .save() or .fetch().
有没有什么办法阻止这种行为?
is there any way to stop such actions ?
在考虑我的所有数据将被存储在模型,用户可很容易地检索使用我Backbone.js的我不是真的很舒服,只是我或者是有什么错在这里?!
considering all my data is going to be stored in models and can be easily retrieved by users i am not really comfortable using backbone.js, is it just me or is there something wrong here ?!
推荐答案
一个简单而安全的方法是包括用户凭据(用户名和密码)到模型中,并检查它在服务器端对每个AJAX调用。
A simple and safety way is to include the user credentials (username and password) into your model and check it on the server side to each AJAX calls.
要避免如此多的BDD requets,还可以生成 ID =&GT的关联数组;串行键来的每个服务器端登录的用户和返回它取()在auth proccess中,然后,检查id和您生成匹配到每个AJAX串行键调。
To avoid so much bdd requets, you can also generate an associated array of id => serial key to each logged user on the server side and return it by fetch() during the auth proccess, then, check if the id and the serial key you generated match to each AJAX calls.
这篇关于Backbone.js的安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
