Hi,
I don't know it this is the right communities but here is my question. I will start developing a software where security is the must. May main language is python, but I'm also confortable with JS, HTML and CSS.
My idea is build the application in Electron JS with the stack mentioned above, where Python communicates with Electron via web socket. Furthermore, the application is supported with a REST API running in a remote server. It's also important to note that many people use the same PC that is running the application.
My concern is: With electron every user can see the source code. Then, they can make changes to the JS files and inject malign code (Eg: Send username and password to another server while anyone login). The solution is make the requests to the API via Python code which can be encrypted unlike the JS. But this is really a mess, because I really want to make the requests to API in the JS files.
Any suggestion there? There is anyway of encrypt the JS code? There is any alternative to Electron which mittigates this seccurity issues?
Best Regards,
submitted by /u/mhubris
[link] [comments]
from Software Development – methodologies, techniques, and tools. Covering Agile, RUP, Waterfall + more! https://ift.tt/31gi9jX
Ameer Academy 