Somewhat off topic, but how do single page apps deal with people hacking the JS?... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		adamconroy on May 28, 2014 \| parent \| context \| favorite \| on: Googlebot's recent improvements might revolutioniz... Somewhat off topic, but how do single page apps deal with people hacking the JS? For example, if as a particular user I am only allowed to perform certain functions within the app, and that functionality is contained in the JS, then it doesn't seem like it would be very hard to modify the JS to enable the functionality I shoudn't be allowed to use.

ailox on May 28, 2014 [–]

Usually the functionality of the app exists in the backend, which would be server side. No matter what you do on the frontend, there should be no way for you to trigger actions in the backend you were not authorized to perform.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact