Meteor prevent methods from being called from console -


i have meteor game of heads or tails keeps stats of user in profile. stats eg. wins , loses changed using meteor methods incrementwins , incrementloses.

is there way prevent users calling these methods on console?

i didn't find precise answer question i'll add one.

is there way prevent users calling these methods on console?

the short answer no.

as long have meteor variable available on client, it's not possible restrict user use if browser console. meteor allows client side use meteor.call function in conditions, therefore if restrict usage somehow, affect whole application, not browser console.

you can, however, make methods more secure. know, can make code run either on client side, server side, or both. if put methods on server side, client side never know what exactly happens methods executed, nor able influence or intercept control anyhow.

on other hand, if put methods in lib/ or both/ folder (or root folder of app), methods run both on client , on server. insecure part of code (like bulk removing collection items or manipulating meteor.users collection) won't executed on client side. may want put change ui state or show messages, ironically, on browser console. think twice before applying practice.

i think exaggerate meaning of ability run on browser console. first, small group of users (but if do, expect smallest holes in app exploited). second, meteor secured in part, doesn't allow user run insecure code (unless insecure package added, default create new app). , third, of time, methods executed, data updated reactively, meteor takes care of out of box, don't need worry refreshing ui after app state change, etc.


Comments

Post a Comment

Popular posts from this blog

sublimetext3 - what keyboard shortcut is to comment/uncomment for this script tag in sublime -

Image
i have script tag in code, keyboard shortcut comment/uncomment script tag in sublime. after selecting script open , close tag. <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> </script> i pressing ctrl + shift + / , getting this /*<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> </script>*/ also pressed ctrl + / , got this // <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> // </script> instead of <!-- <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> </script> --> script open , close tag in 2 lines not in 1 line , not have spaces too. for mac,high light lines want comment. hold 'command , / ' commented. for windows: high line or select lines ,then hold ctrl + / if not work: ...
Read more

java - No use of nillable="0" in SOAP Webservice -

i have received xsd 3rd party supplier generated java based system; used create soap endpoint receive data transfers. xsd not make use of nillable attribute defined within w3c/xsd namespace, example: <xs:complextype name="customer"> <xs:sequence> <xs:element minoccurs="1" maxoccurs="1" name="id" type="xs:integer"/> <xs:element minoccurs="0" maxoccurs="1" name="titleid" type="xs:integer"/> <xs:element minoccurs="0" maxoccurs="1" name="firstname" type="xs:string"/> <xs:element minoccurs="0" maxoccurs="1" name="familyname" type="xs:string"/> <xs:element minoccurs="0" maxoccurs="1" name="previousname" type="xs:string"/> <xs:element minoccurs="0" maxoccurs="1" nam...
Read more

ubuntu - Laravel 5.2 quickstart guide gives Not Found Error -

edit: think problem due not setting apache properly, these 2 links helped me. solution: http://laravel.io/forum/06-11-2014-not-found-but-route-exists https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-14-04-lts end edit i'm following laravel 5.2 quickstart guide. https://laravel.com/docs/5.2/quickstart i'm running ubuntu 14.04.2 the website runs initially, when click on add task button run 404 not found error. as per guide run following commands setup complete quickstart project. git clone https://github.com/laravel/quickstart-basic quickstart cd quickstart composer install php artisan migrate additionally run following commands because i'm on ubuntu server: sudo chown -r www-data.www-data quickstart sudo chmod -r 755 quickstart sudo chmod 777 quickstart/storage the routes.php file looks like: <?php use app\task; use illuminate\http\request; route::group(['middleware' => ['web']]...
Read more