All geek questions in one place

Is the Meteor internal security code always available on the client side?

I created a test Meteor application and I found that the generic code (server side) is viewable using the dev tools on the client. Test application (in browser):

(function(){ if (Meteor.isClient) { Template.hello.greeting = function () { return "Welcome to test_app."; }; Template.helo.events({ 'click input' : function () { // template data, if any, is available in 'this' if (typeof console !== 'undefined') console.log("You pressed the button"); } }); } if (Meteor.isServer) { Meteor.startup(function () { // code to run on server at startup }); } }).call(this);

Is it for design? Can server code remain on the server?

+6
source share
1 answer

If you want to save the server-side code on the server, you will have to restructure the application.

Make these directories in the root directory of your application:

  • / server - saves everything to run only on the server
  • / client - saves everything that is needed to run only on the client
  • / public / - stores everything that should be available in the format http://yoursite/ (for example, images, fonts). If you put the a.jpg image in /public , it will be available at http://yoursite/a.jpg

After using this structure, you no longer need to use the conditions if(Meteor.isServer) {..} or if(Meteor.isClient) {..} , since they will work in the right place.

When you put files in the root directory of your meteor application, they will be launched both on the client and on the server, which is why this is why the file does not change and everything in if(Meteor.isServer) will only work on the server.

This is by design and very useful to use the code between the server and the client, although it will be visible to both the client and the server

+13
source

Source: https://habr.com/ru/post/951382/

More articles:


All Articles