DEV Community

Discussion on: 15 DevTool Secrets for JavaScript Developers

Collapse
 
asayerio_techblog profile image
OpenReplay Tech Blog

Only for your local copy, but yes, if you're sharing the computer with someone else, it could be a potential attack vector.

Collapse
 
aarone4 profile image
Aaron Reese

What I meant was, if you have a file that runs some business logic on the front end and that file can be subverted by loading an alternative copy from the hackers local machine and you don't re-validate server-side ...

Thread Thread
 
ntchambers profile image
Nicholas Chambers

That's not really anything unique to this. You would have the same problem with any browser extension or userscript. This isn't even a problem unique to the browser. Client side validation is a hard to enforce concept. However, being able to supply your own files is hardly a vulnerability.