A little logic Asp.NET and AngularJS Annexes
Have a good time of day, stecowerfloucans, write an app, and think about the logic, now I'm doing this:
(1) I collect OBD data on the server (e.g. photographs that are broken on albums)
(2) Maintain all photographs in the mass
(3) In a particular album, I transmit all photographs and id album to the method English
(4) A sample of photographs with the right photos albumId And I'm returning to the mass.
Please tell me how the right thing is to do this and similar logic and security thing on the client's side or do all this on the server's side?
Thank you for your answers.
All security requirements are essentially related to:
Server should never, under any circumstances, give to the client data that the client has no right to examine. It doesn't matter if the request for such data on the client, the request can always be forged. All rights checks should be carried out on the server, all information should be filtered according to server rights. That's it.
Server shouldn't change the state of use when you get it. Such requests are sent by the browser without checking the cross-site security until the request is made and can be sent by malicious men (although he does not receive the answer, the server will process the request).