View Poll Results: Are you using MVC part of ExtJS4 in your application?

Voters
61. You may not vote on this poll
  • Yes

    43 70.49%
  • No

    18 29.51%
Page 3 of 3 FirstFirst 123
Results 21 to 23 of 23

Thread: Is MVC really required?

  1. #21
    Sencha User
    Join Date
    Apr 2011
    Posts
    96
    Vote Rating
    3
      0  

    Default

    I would like to hear someone who is in favor of JS MVC explain how you deal with security.

    If your controllers contain business logic and they are all JS then you have a security problem.

    Or are people backing their controllers with other (non extjs ) controllers ?

  2. #22
    Sencha User Tim Toady's Avatar
    Join Date
    Feb 2010
    Location
    Pennsylvania
    Posts
    603
    Vote Rating
    284
      3  

    Default

    Client-side Javascipt is inherently insecure. The server should always be responsible for security in a web application.

  3. #23
    Sencha Premium Member
    Join Date
    Apr 2008
    Posts
    360
    Vote Rating
    86
      1  

    Default

    I consider it acceptable for someone poking around in my javascript to break their instance of the application, so client-side security need only go as far as the app not breaking in normal use. The server must enforce correct access control and validation for all calls even if the client side also implements it. Any business logic in client-side JS is subject to inspecting and tampering, regardless of style or framework used, so treat it as just user-experience sugar on top of your secure API calls.
    Chief Architect @ Jarv.us Innovations
    Co-captain @ Code for Philly

    Jarvus builds and optimizes top-quality Sencha Touch and ExtJS apps for open-source projects and clients of all sizes.

    Don't waste time with bugs that have already been found and fixed by the community, compile our tried and tested hotfixes packages into all your projects: https://github.com/JarvusInnovations/sencha-hotfixes

Page 3 of 3 FirstFirst 123

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •