Reputation: 11247
Node.js server side code protection
I am developing my next web app with node.js. With ASP.net for example, the .cs server side code can't be accessed from a client browser. What I want to know is when I develop my app using node.js, does the server.js file is protected from people who browse my website. What I mean is that I don't want the visitors of my website to have access to the .js server side code. Can I protect those files using CHMOD file permissions, will it help?
Upvotes: 7
Views: 2001
Answers (2)
Reputation: 34630
It's not because Node.js uses Javascript that your files are magically accessible in the browser. In Node.js just like in Asp.net there is a difference between client-side and server-side. If you don't serve your Javascript files to the client than they wont be public.
Upvotes: 1
Reputation: 1168
If you're using Express.js as the web server you have a "public" folder where you put your static files that are served straight up. Outside of that folder you have other sibling folders where you keep your code like "controllers" and "models." You can't navigate to one of these folders through the web browser so they are inaccessible because your web server's document root is "public."
project_root/
- app.js
- public/ <-- web root
- javascripts/
- stylesheets/
- images/
- some_static_page.html
- controllers/
- models/
- routes/
- views/
- node_modules/
Upvotes: 9
Related Questions
- node.js - Code Protection?
- How can I protect node application source code?
- How do you prevent a NodeJS server from potentially exposing function code?
- how to protect server side script and hidden which are writing with Node.js
- How to secure node js API
- Protect Node js runtime or disable debugging/inspection
- node.js code protection
- Ways to secure Server communication
- Security in Node.JS Webserver