Gun.js "safe" 在客户端吗?
Is Gun.js "safe" on the client?
我正在玩 gun.js,到目前为止我很喜欢它。它对我们 gun 在客户端上 安全 吗(尤其是 .put() 调用等)?
如果我正在构建一个 react+redux 应用程序,并且我的 gun.put() 调用来自 thunk,这样安全吗?还是在服务器上执行 CRUD 操作并仅使用 Gun 客户端库检索数据 (.on()) 并保持我的 redux 存储同步更好?
我从 @amark(gun 的创始人)那里得到了答案,他让我 post 在这里回答:
What do you mean by "safe"? Yes, you can perform puts from the browser. You also could do it server-side behind some CRUD (but then you'd have to manage AJAX calls and stuff yourself, which sucks. GUN handles browser/server communication for you out of the box).
By "safe" do you mean, is there any security or something that prevents spam? You'd need to run SEA (which is in alpha), you can learn more here: https://github.com/amark/gun/wiki/auth . Without SEA, everything is unfiltered, with SEA updates can be verified.
我正在玩 gun.js,到目前为止我很喜欢它。它对我们 gun 在客户端上 安全 吗(尤其是 .put() 调用等)?
如果我正在构建一个 react+redux 应用程序,并且我的 gun.put() 调用来自 thunk,这样安全吗?还是在服务器上执行 CRUD 操作并仅使用 Gun 客户端库检索数据 (.on()) 并保持我的 redux 存储同步更好?
我从 @amark(gun 的创始人)那里得到了答案,他让我 post 在这里回答:
What do you mean by "safe"? Yes, you can perform puts from the browser. You also could do it server-side behind some CRUD (but then you'd have to manage AJAX calls and stuff yourself, which sucks. GUN handles browser/server communication for you out of the box).
By "safe" do you mean, is there any security or something that prevents spam? You'd need to run SEA (which is in alpha), you can learn more here: https://github.com/amark/gun/wiki/auth . Without SEA, everything is unfiltered, with SEA updates can be verified.