+ 9

[CONFUSED] If client-side scripting language like JavaScript is not secure, then why do people keep on recommending them?

I'm really confused right now because several people says that JavaScript is not secure BUT why do people keep on recommending native JavaScript rather than its frameworks and libraries like Angular5, React and Vue and also there's a server-side scripting languages like PHP, Laravel, etc which is more secure than client-side.

26th Aug 2018, 2:25 PM
Email Not Activated
10 Respuestas
+ 20
JavaScript is a client side scripting language. In most circumstance, a user can easily access and edit your page JS content. In the case where you slip up and use JS to handle stuff within security context, injections can be done and that's where it's "insecure". In fact, JS is not insecure. There are only JS codes written in such a way that compromises the security of a site. There will be practitioners who blame the language directly, instead of figuring out what went wrong and the correct method to actually handle and process sensitive information. It's not fair to compare JS to PHP and other server side languages, as they serve completely different purposes.
26th Aug 2018, 3:13 PM
Hatsy Rei
Hatsy Rei - avatar
+ 12
Good question. Thanks for the information 🤗
28th Aug 2018, 2:55 AM
NimWing Yuan
NimWing Yuan - avatar
+ 10
JavaScript is the most secure script in fact, otherwise nobody would want to use browsers to load any webpages nowadays, nearly all webpages contain JavaScript codes.
26th Aug 2018, 3:51 PM
Calviղ
Calviղ - avatar
+ 8
Sleepy Koala Don't be confused. All JavaScript frameworks are basically JavaScript codes including React, Vue, Angular, jQuery...
27th Aug 2018, 9:11 AM
Calviղ
Calviղ - avatar
+ 4
Calviղ Can you explain which is more secure if native JavaScript is compared with React or Vue?
27th Aug 2018, 8:25 AM
Email Not Activated
+ 4
the Frameworks are just for making javascript easier, javascript is the main language. anything you can do with frameworks, you can surely do it with pure javascript
27th Aug 2018, 5:19 PM
Tech Inary
Tech Inary - avatar
+ 3
Thanks to all for your informative answers guys! Love this community! I learned much everyday!
28th Aug 2018, 11:10 AM
Email Not Activated
+ 1
Because we need Javascript, it's essential for a good user experience. If somebody want to change the code from his client side, the page can be not working anymore but the user did it. BUT, cause everybody can see your javascript code, you have to keep your ids for database for example, in the server side.
28th Aug 2018, 11:29 PM
Αητοιπe
Αητοιπe - avatar
0
One reason people may think that Javascript is not secure, is because of many virus had been made with it. Reason why some mail services don't allow you to send -.js- files.
28th Aug 2018, 2:20 PM
Santiago
Santiago - avatar