Reputation: 1541
Separating/protecting sensitive business layer logic from client side script in single page app
We've developed some environmental impact calculations and spent a lot of money having them checked and approved by qualified 3rd parties. I'm currently moving our website from traditional asp.net client/server code to a single page application.
Obviously if I was to do the calculations on the client side in script then even if I obfuscated the code with non-semantic variable names, our competitors would be able to reverse-engineer the code fairly easily.
Being somewhat new to all this, my idea is to have the calculations done in asp.net server code called by the same web api that I use for database interactions so I can make async calls which update the relevant parts of the page (via knockout) when the calculation is finished.
Is this the standard/best way to do this or am I completely missing a better way?
Upvotes: 0
Views: 195
Answers (1)
Reputation: 1919
Service Oriented approach could be a solution for you. You can use WCF or Web services for all your calculations (or other services) then using ajax call, bring the result back to the client So you actually create WCF services and then consume it using client script
Here is a step by step approach to consume a webservice using javascript http://weblogs.asp.net/yousefjadallah/archive/2010/03/06/step-by-step-how-to-use-web-services-in-asp-net-ajax.aspx
Upvotes: 1
Related Questions
- How do I architect single page application using Knockout?
- How to process sensitive data in single page apps
- Technical ways to protect SPA code in production
- How to secure knockout template?
- Knockout JS / MVC Security With Model Binding
- HTML5 Offline Single Page Application (SPA) - Security Concerns
- Securing jQuery SPA web services
- Webapp security for client-side game logic operations
- Ideas on Protecting Web App data sources
- Protecting client side logic & data