All geek questions in one place

How to hide the server code on the side of Meteor from the browser?

As a newcomer to the meteor, I found that insecurity is one of the first impressions that people usually experience because of the meteorโ€™s historical debut, and that the meteor took measurements to solve this problem. Therefore, I pay more attention to this issue, as I study it. Following the to-do list tutorial, I noticed, to my surprise, the if (Meteor.isServer) {} block is displayed in the browser. The tutorial outlines 2 out of 12 steps to move client code to the server side to make it secure. But if the server code is also displayed in the browser, didn't that defeat the whole goal? How can a meteor be a safe platform in this regard?

+5
source share
1 answer

The tutorial uses this simple technique for quick start, but I hope there is a built-in way to prevent server code from being sent to the browser.

Each code that you put in the server directory will not be sent to the client. Similarly, the source code living in the client directory lives only in the browser environment.

This is described in detail in the docs section on "Structuring Your Application":

http://docs.meteor.com/#/full/structuringyourapp

+3
source

Source: https://habr.com/ru/post/1209744/

More articles:


All Articles