1

I'm developing a JEE application with AngularJS. This app is meant to be secure, so I was wondering if there's a way to block a user from editing a JSON coming form a response, or a variable in the controller, if he goes into the debugger console in Chrome/Firefox.

For instance: I store the resulting ID of an LDAP authentication in my AngularJS controller. If the user opens the Dev Console in Chrome and puts a breakpoint in the line right after this variable is assigned, they'll be able to modify it, as far as I know.

Is there a way to make my controller safe from this kind of tampering?

Improve this question
1
  • 2
    The user can also make a request directly to your URL without using your app. Commented Mar 21, 2017 at 2:14

1 Answer 1

Reset to default
1

In front-end world, everything could be changed by users. You cannot rely on front-end code to guarantee the security. If your app requires high security, you should have your backend server validates the posted data.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.