Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Node.js server side code protection

I am developing my next web app with node.js. With ASP.net for example, the .cs server side code can't be accessed from a client browser. What I want to know is when I develop my app using node.js, does the server.js file is protected from people who browse my website. What I mean is that I don't want the visitors of my website to have access to the .js server side code. Can I protect those files using CHMOD file permissions, will it help?

like image 851
Idan Shechter Avatar asked May 12 '12 03:05

Idan Shechter


2 Answers

If you're using Express.js as the web server you have a "public" folder where you put your static files that are served straight up. Outside of that folder you have other sibling folders where you keep your code like "controllers" and "models." You can't navigate to one of these folders through the web browser so they are inaccessible because your web server's document root is "public."

project_root/
  - app.js
  - public/      <-- web root
    - javascripts/
    - stylesheets/
    - images/
    - some_static_page.html
  - controllers/
  - models/
  - routes/
  - views/
  - node_modules/
like image 170
JamesOR Avatar answered Sep 20 '22 23:09

JamesOR


It's not because Node.js uses Javascript that your files are magically accessible in the browser. In Node.js just like in Asp.net there is a difference between client-side and server-side. If you don't serve your Javascript files to the client than they wont be public.

like image 26
Pickels Avatar answered Sep 19 '22 23:09

Pickels