[TYPO3-50-general] FLUID and ExtJS (or other widget frameworks)
Martin Kutschker
masi-no at spam-typo3.org
Thu Apr 16 11:46:08 CEST 2009
Timo A. Hummel schrieb:
>
>> Does more data travel to the client then he is allowed to view/edit
>> (besides the data needed to perform the tasks required by the UI and the
>> server interaction)? This is what I'm worried about when I hear that
>> logic is shifted from the server to the client. The client is not to be
>> trusted.
>>
> Thats the most difficult decision in designing such systems. How much
> data do you expose to the client, and what do you do to avoid abuse? Of
> course, a good security model on the service layer is a must, but still
> one needs to think about which data to expose very well. I don't know
> how signed applications for Adobe AIR might make the situation easier,
> but you never know what will happen at the client, unless there's some
> way to digitally sign JS scripts on the client.
Good to hear you have thought about the issue.
All the best,
Masi
More information about the TYPO3-project-5_0-general
mailing list