Angular canActivate Security

Question

Angular canActivate Security

I've been thinking a lot lately about the security of the application I'm working on. The client side is built in Angular with a Rails API backend. From what I can gather, the general consensus is that if it's on the client, assume it might be compromised. So it surprises me when and if I should use something like canActivate

for a route, or if I should instead check for authorization every time on the server for route requests. I was thinking about putting an auth request to the server in canActivate

, but I'm guessing there canActivate

is a hack to respond true

without having to respond by the server? If so, something like canActivate

if it's just a glass door?

+3

angular

andyrue May 04 '17 at 13:47

source to share

No one has answered this question yet

Check out similar questions:

1059

Safe hash and salt for PHP passwords

731

Best Practices for Securing REST API / Web Service

728

Angular HTML binding

414

What Every Programmer Should Know About Security?

414

Worst security hole you've seen?

five

How do I get Angular to send a request to the server in HTML5 mode?

3

Angular 2 Guard / Auth Guard

1

Angular routing fails after update (eponymous routing server route)

0

Redirecting handles to login page from server using angular client 4

0

URLs not saved with Angular Routing and Spring Security due to "#"

Angular canActivate Security

More articles: