|Subject:||Re: Qbe date parse results - final?
|Date:||Tue, 17 Apr 2018 12:28:27 -0400
|From:||"Larry DiGiovanni" <nospam@nospam>
Bernie van't Hof wrote:
> In the last few years we have seen an explosion of ways to move more and
> more of the app to the client. This makes sense as it lightens server load
> and reduces duplication eg validation. However it also creates security
> implications and exposes source code.
You absolutely have to enforce all business and security rules on the server
side. Insert/update/delete logic, as well as row and field access
restrictions. As you have noted, this cannot be accomplished on the client.
You can choose what rules to duplicate on the client to improve performance
and/or user experience.