Hello to everyone,
how much can I manipulate the code in Frontend?
Let’s say I call a security check from backend. If the backend call returns true, everything is fine, if false, then not. Now I read frontend code can be seen and manipulated by anyone. Is it possible to delete my security-check-call as a client?
Thank you guys for help and have a nice weekend!
Norbert M.
Here is an article on Corvid Security Considerations .
Hello Yisrael,
first thank you for your answer. I should have mentioned that I read the article on Corvid Security Considerations before. That’s how I know, that the frontend code can be manipulated by the client.
Can you give me some help to my specific question explained above, please?
Greetings
Norbert M.
You’ll need to be more specific in what you’re trying to do. For example, if you are checking a user, some of the checking can be done in the backend using wix-users-backend instead of using wix-users in the frontend.
If you want to check authorization and then take an action, such as allowing access to a specific web page, you might want to consider using routers .
You can see how this works in the Stripe Payment Processing example .