[TYPO3-50-general] FLUID and ExtJS (or other widget frameworks)

Timo A. Hummel privat at timohummel.com
Wed Apr 15 22:18:11 CEST 2009

> Does more data travel to the client then he is allowed to view/edit
> (besides the data needed to perform the tasks required by the UI and the
> server interaction)? This is what I'm worried about when I hear that
> logic is shifted from the server to the client. The client is not to be
> trusted.
Thats the most difficult decision in designing such systems. How much 
data do you expose to the client, and what do you do to avoid abuse? Of 
course, a good security model on the service layer is a must, but still 
one needs to think about which data to expose very well. I don't know 
how signed applications for Adobe AIR might make the situation easier, 
but you never know what will happen at the client, unless there's some 
way to digitally sign JS scripts on the client.


More information about the TYPO3-project-5_0-general mailing list