stackoom
  简体   繁体   中英

Node.js File Security

 原文  2015-04-28 05:24:08       javascript/ node.js/ security

Question

I'm about to start creating a website that takes values of form inputs(dropdowns, radial boxes, etc.) from the client(no user accounts involved) and performs calculations besed off of these values. These calculations are rather sensitive and I know client side javascript can't be made secure.

Is it possible to pull these client side values and run the calculations server side with node.js? If so, how secure is that? What other precautions can be taken? If that's not possible or secure, what are some alternative solutions?

1 answers

solution1
 1 ACCPTED  2015-04-28 05:30:16

You have a couple options for sending the data to your server and then performing the calculations there.

  1. You can put the data into a form and you can submit the form to your server. The server will then receive all the data from the form and it can do whatever it wants with the data. The server can then return a new page with whatever results you want to show and the browser will show the results page.

  2. You can collect the data from your web page and send it to your server with an Ajax call made via Javascript. The server will receive the data from the Ajax call and can do whatever calculations it wants with the data. It can then return whatever data is appropriate from the Ajax call and the client will receive that data in Javascript and can then display it in the new page (or do whatever else is appropriate).

Code to make calculations on your server will be as safe as the security is on your own server (which can be made plenty secure). Server-based code is not normally available to the outside world.

If you are concerned about security of the data or result in transit, then you can use https between your webpage and your server.

When you ask about "security", folks can provide better answers/info if you say more about what you're trying to protect, why you're trying to protect it and what types of threats you're trying to protect it from. Security is best designed and implemented for very specific reasons and you haven't provided any of those type of specifics.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Security in Node.JS Webserver JavaScript, node.js and security node.js (with socket.io) security? Node.js: Redis security clarification Upload file in node.js Upload file with node.js Overwrite a File in Node.js file module - node.js Reading file in Node.js Node.js requiring a file
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM