blazor-starter-kit icon indicating copy to clipboard operation
blazor-starter-kit copied to clipboard

Published 20 hours ago verified publisher icon fullstackhero

[Question] Exposing (potential sensitive) code in the clients browser

Open Rogn opened this issue 3 years ago • 4 comments

This is a great project! Thanks for that

But I have a question about the current architecture in regards to exposing (potential sensitive) code in the client. If you look at the project dependency graph for the Client, it references all the projects, except the Infrastructure ones. And if I understood Blazor WebAssembly correctly, the code for all these project will end up being delivered to the clients browser, where it would be possible to reverse-engineer the code. image

Is this correctly understood?

It seems that the primary reason for referencing the Application project, is to use the Request and Response entities. Would it not make sense to extract them into their own Project, and then have the Application and Client (Client.Infrastructure) project reference that project as the Client would then have no direct dependency on the Application project?

/Hallur

Rogn avatar Jun 08 '21 22:06 Rogn