Best way to secure single page apps?
Cantor, Scott
cantor.2 at osu.edu
Wed Nov 30 09:44:10 EST 2016
On 11/29/16, 4:57 PM, "users on behalf of Br LRd" <users-bounces at shibboleth.net on behalf of blasterradius at gmail.com> wrote:
> I'm running into a problem with the URL fragments ("#example") are only sent client-side, thus
>
> you can't use them to differentiate directories in apache conf and can't think of a smart way to secure the
> web-app.
Because that's a broken web app, it can't be secured. By definition it's running client-side in an untrusted environment, so that ends any pretense at security.
-- Scott
More information about the users
mailing list