Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

vue-router route encryption (without webpack) for security

Tags:

vue.js

vue-router

In vue or vue-router ; Is it possible to minimize encrypt the route html/js and decrypt and use by vue-router at other end

export default{
  template:'',
  data:...
  methods:..
}

just to make sure code is minimized and not exposing all the client code for attacks/security

Note: not using webpack.

Another Note: to clarify: export default{... } was clearly visible in the network panel. Causing the source of hacks and security breaches.

So here is what i am looking for : Encryption will be done on server side in node.js

Decryption will be done on client side after the network panel loads the route.

So now instead of export default .. it will now be some encrypted text in network panel. After decryption and decompression it gets loaded into vue-router.

like image 720
shrw Avatar asked May 06 '19 10:05

shrw

People also ask

Do I need Webpack for Vue?

js files, the template that the component uses is then defined in a different file or given as a simple string. In that case, you do not need Webpack. Webpack is a module bundler that takes your development assets (like Vue components and plain Javascript files) and combines them into so called bundles.

Is Vue vulnerable to XSS?

This repository demonstrates how web apps that use both serverside rendering and Vue. js can be vulnerable to XSS even if they take precautions.

1 Answers

First - there is no point to encrypt routes. Any kind of encryption you will make on backend - should be decrypted on the frontend. And you will make a method that would decrypt it. For anyone who can use chrome devtools it would be a matter of minutes to bypass your encryption.

Second - you may obfuscate your code. But again - it just a matter of minutes, literally, to deobfuscate it.

And any of the above methods would just increase bundle size and degrade performance.

At first, you must implement security on your backend.

If you are so worried that somebody will see your very private routes - build two or three bundles. With the same components/almost same look. But with limited routing. It's quite easy to implement due to Vue component nature. And depending on user type inject the corresponding bundle into the page.

like image 195
Ivan Klochkov Avatar answered Sep 23 '22 15:09

Ivan Klochkov
Sign in to Comment

Related questions

Separating data in vuex
Changing watcher value in watcher
How to display error message in front end using vue js?
Vue.js gives weird object with Observer data
vue-multiselect dropdown list without horizontal scrollbar
How to add authorization header when runtime import webpack chunks of Vue components
Debugging .vue component in Chrome
RouterLink attrs is readonly
In quasar how pass data to the layout from the page
Vuejs Axios data not showing
Using Vue-router, is there any advantage of using named routes than just using the path directly?
Vue TypeError _vm is not a function
Vue - Compile other folder outside of /src in Vue.js project
Pulling in several static properties into Vue.js
Firebase (client-side vs server-side)
How to add pagination on vue-tables-2 using Laravel rest api?
Nuxt deployment error: server resources are not available
Why doesn't it work when sameAs is used in vuelidate?
@vue/cli-plugin-pwa not creating service-worker.js
Where is vuex physically stored?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!