(http.jameshfisher.com)

652 points jamesfisher | 3 comments | 28 May 19 07:57 UTC | HN request time: 0s | source

1. ludwigvan ◴[28 May 19 17:48 UTC] No.20032529[source]▶

>>20028108 (OP) #

Also if you are a front end developer and are on an insecure WiFi (coworking space or public WiFi) make sure you only bind to localhost.

Otherwise other people on the network can see your frontend code which you are probably compiling with sourcemaps, which will give the attacker almost the complete source code of your SPA.)

replies(1): >>20033370 #

2. miguelmota ◴[28 May 19 19:16 UTC] No.20033370[source]▶

>>20032529 (TP) #

But frontend applications expose mangled javascript which can be reverse engineered anyway

replies(1): >>20034658 #

3. ludwigvan ◴[28 May 19 21:37 UTC] No.20034658[source]▶

>>20033370 #

It can be done, but it is usually uglified. No need to give the plain source to outsiders.

↑

I can see your local web servers