[英]Are there security risks storing JavaScript files in localStorage as an offline version of the file?
I have an app that reads the contents of example.js
using an AJAX call to example.php
, then saves example.js
to a variable, localStorage.exampleJS
, every time the user opens the app on their phone.我有读取的内容的应用程序
example.js
使用AJAX调用example.php
,然后保存example.js
一个变量, localStorage.exampleJS
,每次用户打开自己的手机上的应用程序的时间。 The AJAX call uses the following jQuery: AJAX 调用使用以下 jQuery:
$.ajax({
type: "POST",
url: "https://example.com/example.php",
success: function(response){
localStorage.exampleJS = response;
},
});
example.php
contains the following: example.php
包含以下内容:
<?php
echo file_get_contents('example.js');
?>
In the event that the the user doesn't have an internet connection, I run the offline version using the following jQuery:如果用户没有互联网连接,我会使用以下 jQuery 运行离线版本:
if(navigator.onLine){
$("head").append("<script src='https://example.com/example.js'></script>");
}
else{
$("head").append("<script>" + localStorage.exampleJS + "</script>");
}
I know this could potentially have security risks.我知道这可能存在安全风险。 Is this a bad practice?
这是一种不好的做法吗? Are there security risks doing saving an offline version this way?
以这种方式保存离线版本是否存在安全风险? Is there a better way to do this?
有一个更好的方法吗? Thanks!
谢谢!
I think there is no harm storing file in local-storage, but have to keep following things in your mind.我认为将文件存储在本地存储中没有坏处,但必须牢记以下事项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.