

JQuery Parse: Dead simple way to save data - jamesjyu
https://github.com/srhyne/jQuery-Parse

======
martinkallstrom
What would be the best way to get around the limitation of having access keys
displayed openly in the javascript code? In order to actually use this for
early versions of production apps.

The only solution I can think of is to make the queries through a thin proxy
server that adds the access keys to the requests.

Is there a solution that Parse could implement to make pure js apps reality?

~~~
jschuur
I actually asked them this just last night. Here's the response I got:

 _So right now, you're restricted to using the master key for the REST API
(and thus, javascript applications). We have plans to make this more secure in
the future in the same way as we do with our SDKs._

 _For our SDKs, we have a few ways to secure your app, via class level
permissions and object level permissions
(ACL):<http://www.parse.com/docs/data> _

_You're able to lock down permissions on the client key, and this should be
able to secure the majority of apps that you want to make. But, this won't
work with the REST API._

------
clemesha
This is cool.

What would be even cooler is if Parse made JavaScript a first class citizen
(so to speak), and truly supported a JavaScript API.

Am I missing something that might prevent them from doing this? Or is it maybe
that this feature is in the works? They sure as hell push out cool new
features fast...

~~~
jamesjyu
It's on our radar. Stay tuned.

------
bergie
The remoteStorage library from Unhosted provides a somewhat similar approach:
<https://github.com/unhosted/remoteStorage.js>

With Unhosted, users can choose where their data goes, and even host it
themselves.

------
ColdAsIce
What is the deal with these new cloud/Saa services? Convenience over
installing your own server and managing your own data? Outsource it to
parse.com?

How can you be certain your data wont be compromised, read or misused by
parse.com or whoever is behind it?

For serious apps, I wouldnt let a third-party peek at anything I store, when
and how. This is more like a toy.

~~~
jschuur
What's the difference between a third party provider that stores your data,
and a provider that hosts your entire application?

~~~
moe
Lock-in?

