4

What I understood?

It shares some code between client and server as both are in javascript. eg: form validation.

How does this work? Can the shared code be seen from the browser? If yes then it becomes easy for an attacker to find loopholes in our code. Since the same code is being executed in the server side the attacker can pass through the server side validation too.

Are there any drawbacks or security issues if we follow this approach?

4

1 回答 1

3

它在客户端和服务器之间共享一些代码,因为两者都在 javascript 中。例如:表单验证。

是的。由于在客户端执行的唯一可靠的语言是 JavaScript,并且由于 node.js 是唯一的 JavaScript 服务器端框架,因此 node.js 是目前实现这一目标的唯一方法。(Java 也可以用 applet 做到这一点,但几乎没有人再使用这些了。)

有几个 JS 项目已经使用了同构原则——更多在这里

唯一的缺点是您在技术选择方面受到严重限制,如上所述。

于 2014-02-14T05:54:09.113 回答