Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>I'm by no means an expert, but here are some thoughts I've made on this. I don't think you've missed anything (if so, I have too) - I think this is a pretty fundamental issue with all client applications, whether it's a compiled executable or a Javascript. </p> <p>Of course, the compiled executable is not particularly hampered by it, because it's been made into machine code which is very difficult to read or decompile into anything useful. With Javascript however, the application is often served exactly as you wrote it, and so it's easy to modify and reason about.</p> <p>That brings me to the first semi-solution: obfuscating your Javascript. If you use Dojo's build tool with the shrinksafe parameter, all unnecessary whitespace is removed and all identifiers are shortened, making the code quite difficult to read. I called this a semi-solution, some may say even that is giving it too much credit - I myself still think it's worth doing. After all, the shrunk code downloads faster too!</p> <p>The second measure I take in my apps is to separate the different parts into "build layers". For example, in my build profile, I'll have something like</p> <pre><code>dependencies = { .. layers: [ { name: "../myApp/Core.js", resourceName: "myApp.Core", dependencies: ["myApp.Core", "myApp.Foobar"] }, { name: "../myApp/modules/Login.js", resourceName: "myApp.modules.Login", dependencies: ["myApp.modules.Login", "myApp.modules.LoginUi"...], layerDependencies: ["../myApp/Core.js"] }, { name: "../myApp/modules/Secret.js", resourceName: "myApp.modules.Secret", dependencies: ["myApp.modules.Secret", "myApp.modules.SecretUi"], layerDependencies: ["../myApp/Core.js"], authentication: 42 } ] } </code></pre> <p>Now, instead of serving the built JS files directly as static files, I let the requests go through a controller in my server-side application, which checks if the JS layer requires authentication and whether or not the user is logged in with the necessary access.</p> <p>This does have certain cons. The JS files aren't cached, and if I had all my JS in one build layer, the application would probably load slightly faster. There's of course also a limit to how nuanced it's worthwhile to make the layers. More layers mean more hassle, but also more finely grained module access.</p> <p>I'd be interested to hear others chime in on this as well. It's a good question.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload