Y
Hacker News
new
|
ask
|
show
|
jobs
by
mentat
4179 days ago
Perhaps you can quality "client-side security"? You mean never trust the client right?
1 comments
dsacco
4179 days ago
Yes, that's exactly what I mean. Treat all user-input (and by extension, client-side anything) as dangerous. A server putting a security protocol in the hands of the client when it is not unavoidable is usually bad.
link