yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tracker.org

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2021-12-21 11:29:52 +01:00
parent d29b80b1bb
commit 0cabeedc5e
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
tracker.org
View file

@ -1900,4 +1900,12 @@ Even recently we experienced subtle bugs. And the solution was to get rid
as much as possible of the javascript code that handled the url parsing and building.
Now, this is handled via the backend on the login page.
So the 1st reason to build the HTML
So the 1st reason to host the login page was convenience and bug fixing and
not necessarily security.
Regarding security, I was very afraid to introduce a security bug.
Because, the login page is clearly a nice entry point for security attack.
So I tried to be as conservative as possible.
So no js when possible.
And if we need to use js, do not use any lib, just basic javascript so the
code is easy to understand and debug.