Applications that run in the browser and connect to backend services have the challenging problem of security. Given the open nature of the browser environment, where anybody can inspect or even modify a running application, it is practically impossible to hide secrets such as access tokens or passwords from a savvy user (or from the attacker that gained control of their computer).
Miguel Grinberg is a software developer at Rackspace, where he works on cloud applications. He blogs about a variety of topics, including web development, Python, robotics, photography, and the occasional movie. Miguel is the author of the O’Reilly book Flask Web Development. He lives in beautiful Portland, Oregon.
©2017, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org