

Ask HN: JS-heavy apps revealing business logic on frontend? - adyus

I'd like a better informed opinion on this, but with the torrent of JS-heavy frontend web apps these days, isn't there a risk of revealing some potentially compromising security flaws if someone simply opens up the downloaded .js file and studies it carefully? 
Wouldn't it make more sense to tuck away all the meat of the app in the backend and only use frontend JS for UX/UI updates?
======
wvenable
The same rules still apply no matter how much code is in the front end: Never
trust the client.

~~~
madanosliw
Indeed, for callbacks and such I find it good to just think of the web browser
as just another web service client calling an API: that's where you draw your
line of trust (your own code running in your own environment).

~~~
adyus
That's actually a great way to begin building a system: consider the browser
as another API client. It's sort of the Twitter way, I guess.

