Securing Javascript variables from tampering during server submissions - a comprehensive guide

Currently, I am working on developing a basic MVC application in ASP .NET where I want to store all session user data on the client side. This means that every time the page is loaded, the variables reset to zero (e.g., points in a game). The intention is to then send this data to the server side (via POST) for processing before returning it back to the client. My goal here is to avoid using a database and enhance performance.

However, my concern lies in how to prevent this data from being tampered with prior to reaching the server. Apologies for any naivety as I am new to this concept.

Appreciate your insights!

javascriptasp.netsecurity

Answer №1

Every input originating from the user can be altered, such as JavaScript variables, and FORM variables.

It is essential to always view anything from the client as untrustworthy. Verify if the caller has proper access to the requested resource for every HTTP request. This should be a fundamental principle for all web applications, typically implemented within a filter for added security measures.

Answer №2

One way to ensure data integrity is by embedding an HMAC in the data sent to the client so that the server can verify its authenticity when it is sent back. However, it is important to consider potential replay attacks where a malicious client could resend old data received multiple reloads ago.

If you are avoiding using a database in order to gain a performance advantage, have you actually measured and compared database performance to determine if it is truly too slow for your needs? It's essential to base decisions on concrete evidence rather than assumptions about what may or may not work for your application.

Answer №3

To ensure security, it is advisable to validate user inputs on the server side and check for any potentially harmful characters. Additionally, implementing a hash function can help verify that variables have not been tampered with manually, although users may still attempt to modify them.

Answer №4

Unfortunately, there is no foolproof method to safeguard or maintain the values of JavaScript variables after the page gets reloaded.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Utilizing Vue's computed function to filter values from a JSON dataset

How do I efficiently filter an array of JSON data? Here is the code snippet: <div v-if="vacciCounter"> <b-card no-body class="mb-2" v-for="(stateObject, state) in filteredList" v-bind:key="state"& ...

javascriptvue.js

Helping individuals identify the HTML5 Geolocation notification

Currently working on a website that requires users to accept the browser prompt for location sharing. Many users seem to overlook this prompt, which can lead to issues. The main problem we are facing is that each browser displays this prompt differently: ...

javascripthtmlgeolocation

Connecting ASP.NET Core null values with Angular2 null: A Step-by-Step Guide

Currently, I am working on a web application that is built using .NET Core and Angular 2. The issue I am facing is related to the currency parameter that I am sending from my database to Angular 2. Right now, the currency value is NULL, so Angular 2 receiv ...

c#asp.netangular

Guide to implementing if else statements with Protractor

I am facing some unusual situations and I'm not quite sure how to address them. As a newcomer to testing, I've been tasked with testing a website's cart function for proper functionality. The challenge arises when we add a certain number o ...

javascriptseleniumif-statementjasmineprotractor

Modifying the color of the tooltip arrow in Bootstrap 4: A step-by-step guide

How can I change the arrow color of the tooltip using Bootstrap 4? Here is my current code: HTML: <div class="tooltip-main" data-toggle="tooltip" data-placement="top" data-original-title="Service fee helps Driveoo run the platform and provide dedicate ...

javascripthtmlcsstwitter-bootstrapbootstrap-4

Combine two pieces of data from a JSON object using Angular's ng-repeat

Trying to organize data from a separate array into one section of a table. The first JSON named "names" : [ { "name": "AAAAAA", "down": "False" }, { "name": "BBBBBB", "down": "Tru ...

javascriptangularjsjsonangularjs-ng-repeat

Angular - What is the best way to simulate an HTTP request in testing?

Although I currently have a basic code that triggers an actual HTTP request : @Component({ selector: 'my-app', template: ` <div> <h2>Hello {{person?.id}}</h2> </div> `, }) export class App { name:str ...

javascriptangular

Utilize DOM to attach a button onto an image

I am looking to add buttons onto images using DOM manipulation. Each image will have multiple buttons that, when clicked, will delete the image. I am aiming for a functionality similar to this example - JSFiddle This is the code I have attempted so far: ...

javascriptjqueryhtmlcss

Fill input text fields with values based on dropdown selection and start with 2 input fields pre-filled

Initially, the issue is that there are 2 input text fields displayed. Depending on the selection from a drop-down menu ranging from 2 to 6, additional input fields should be added or removed. Here's my code: function addElements(selectElement) { va ...

javascripthtml

"Calculating the average of embedded arrays in MongoDB and storing the result as an

Here is the structure of my documents: { "_id" : "53ce85eda2579da8b40c1f0f", "name" : "Autokino", "tags" : [ "forMen" ], "ratings" : [ { "rating" : 5, "uuid" : "..."}, { "rating" : 4, "uuid" : "..."}, { ...

javascriptnode.jsmongodbmongodb-queryaggregation-framework

When the if statement fails to halt the code from running

After diving into the world of coding just one or two weeks ago, I decided to create a feature where users can press a key to start playing. No matter what I try, I always end up with the same outcome. Here's my approach: I have an if statement that ...

javascriptjqueryif-statement

Creating unique identifiers in Knockout.js based on text bindings

I am trying to achieve something similar to the code snippet below: <!-- ko foreach: subTopics --> <div id='subtopic-name-here'> <!-- /ko --> Specifically, I want the ID of my div to be set as the name of the corresponding ...

javascriptjqueryknockout.js

Ensure that PHP form validations are checked when submitting the form using jQuery

I have created a form in HTML with basic verification. Here is the code: <form class="" action="submit/save" method="POST" enctype="multipart/form-data" id="submit_form"> <input class="form- ...

javascripthtmljquery

Execute JavaScript unit tests directly within the Visual Studio environment

In search of a method to run JavaScript unit tests within the Visual Studio IDE, I currently utilize TestDriven.net for my C# units tests. It's convenient to quickly view the test results in the output pane and I am seeking a similar experience for Ja ...

javascriptvisual-studiounit-testing

Reset input fields upon jQuery removal

Currently, I am working on a form that includes a remove function. The function is functioning correctly, but I am facing an issue where I want the field values to be cleared when the remove function is triggered. This is necessary as I am sending input va ...

javascriptjqueryhtml

Guide on making an NPM package with a web worker integration

Currently, I am in the process of developing an npm package that incorporates a web worker with type module. The issue arises when I try to link this package to a React application for testing purposes since the application cannot locate the worker.js file ...

javascriptnode.jsnpmweb-workernpm-package

Sharing data across Vue methods

I have a method that makes two API calls and saves the results in separate variables. I need to access these variables from another method to manipulate the data. What is the best way to access data from another method in Vue? Below is the code for my AP ...

javascriptvue.jsvuejs2

The access to the HTTP request has been restricted

Currently, I am developing multiple applications that need to communicate with each other. To test these apps, I am using both Chrome and Firefox browsers. Strangely, the issue persists in both browsers. The issue at hand: In one of my applications (let& ...

javascriptnode.jsreactjsexpressreact-redux

What is the best way to save data in order to effectively showcase a collection of images that together form a single entity in a game

Apologies for the unclear title, I struggled to find the right words. Recently, I delved into the world of 2D game development and was amazed by the capabilities of HTML5's Canvas element. Currently, I am working on my first basic project to grasp th ...

javascripthtmlcanvas

Tips for aligning text in MUI Breadcrumbs

I am currently utilizing MUI Breadcrumb within my code and I am seeking a solution to center the content within the Breadcrumb. Below is the code snippet that I have attempted: https://i.stack.imgur.com/7zb1H.png <BreadcrumbStyle style={{marginTop:30}} ...

javascriptcssreactjsmaterial-ui