1 vote, 1 answer, 134 views

Security in Authentication in single page apps

What's the most secure method of performing authentication in single-page apps? I'm not talking about any specific client-side or server-side frameworks, but just general guidelines or best ...
2 votes, 1 answer, 101 views

How to verify data from localStorage on a server

On my mobile app, I am storing the username of a logged in person, and downloading some data for the given/stored username. When the user checks for updates to his data content on the server, the ...
35 votes, 11 answers, 2k views

Is there any reason not to go directly from client-side Javascript to a database? [duplicate]

Possible Duplicate: Writing Web “server less” applications So, let's say I'm going to build a Stack Exchange clone and I decide to use something like CouchDB as my backend store. If I use ...
1 vote, 1 answer, 225 views

Is the escaping provided by the Google-Gson library enough to ensure a safe JSON payload?

I am currently using the Google-Gson library to convert Java objects into JSON inside a web service. Once the object has been converted to JSON, it is returned to the client to be converted into a ...
3 votes, 2 answers, 254 views

Should I be using a JavaScript SPA designed when security is important

I asked something kind of similar on stackoverflow with a particular piece of code however I want to try to ask this in a broader sense. So I have this web application that I have started to write in ...
3 votes, 1 answer, 119 views

How secure (or insecure) is it to install Node packages globally?

Should I be concerned with security when installing Node packages globally? Why or why not?
1 vote, 1 answer, 189 views

How can we change/protect the namespace of an object in Javascript?

Continuing from my previous question: Javascript simple sample code to understand prototype-based OOP basics Let's say we run into console these two separate objects (even if they are called child and ...
8 votes, 7 answers, 5k views

How secure is localstorage?

The question says it all really. I want to provide a service but I do not want to store any of the data myself in a database. With all the recent news of hacking etc it seems to me that it is nicer ...
15 votes, 9 answers, 6k views

Why almost no webpages hash passwords in the client before submitting (and hashing them again on the server), as to “protect” against password reuse?

Relevant XKCD There are many sites on the Internet that require login information, and the only way to protect against password reusing is the "promise" that the passwords are hashed on the server, ...
1 vote, 1 answer, 183 views

Javascript: Safely upload a client data file

I'm (still) working on a template-based XML editing program. It's a GUI-based XML editor that only allows users to add certain tags and attributes based off the requirements. You can see the current ...
1 vote, 2 answers, 275 views

Securing client->database game

OK, I am creating a game using JavaScript and HTML5. The variables such as map, x, y, level, exp, etc are stored in JavaScript to keep track. On my client page, the JavaScript variables are stored to ...
1 vote, 2 answers, 291 views

Provide a URL to a CouchDB document attachment without giving the username/password?

I posted this question on DBA, but it got closed and was never reopened even after I rewrote the whole thing to be more specific. I think it's more appropriate for programmers anyway :) Background ...
5 votes, 1 answer, 360 views

Means for (legit) cross-site scripting

Are there good means for allowing scripts from two or more domains to collaborate in the same browser page? I want to create an extensible platform, where I provide the model and some views, but also ...
1 vote, 1 answer, 282 views

Why hasn't Caja been popular?

Google released Caja around 2008 (Capability JavaScript). It is still mainly a laboratory language. But XSS and other attacks would be prevented if there was widespread integration of Caja.
-2 votes, 1 answer, 237 views

How is JavaScript insecure, and what are the main methods used to deal with that?

I just read about Caja, which is a "sanitized" version of JavaScript. But I'm wondering - what is the big problem with JavaScript (it seems so widely used)? Just how dangerous is it?
