Skip to content
This repository has been archived by the owner on Feb 26, 2021. It is now read-only.

Is secure to define a collection security rules in /imports? #152

Open
Zeioth opened this issue Jun 15, 2016 · 1 comment
Open

Is secure to define a collection security rules in /imports? #152

Zeioth opened this issue Jun 15, 2016 · 1 comment

Comments

@Zeioth
Copy link

Zeioth commented Jun 15, 2016

I can see you are defining your collection security rules in todos/imports/api/logic_unit/logic_unit.js. This is not dangerous? Any user could read the .js files client side and find any mistake you make. Wouldn't be better to define this rules in /server?
@Zeioth Zeioth changed the title Is secure to define collection rules security in /imports Is secure to define a collection security rules in /imports? Jun 15, 2016
@WitaliB
Copy link

WitaliB commented Jul 5, 2016

As far as I understand and according to the meteor guide:

Any directory named imports/ is not loaded anywhere and files must be imported using import.

see: https://guide.meteor.com/structure.html#special-directories

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Zeioth @WitaliB