How can I prevent that visitors set fullcalendar (arshaw) to editable:true via firebug? -
http://arshaw.com/fullcalendar/docs/event_ui/editable/
the option editable can manipulatet visistors of site via firebug , change data in database. there solution?
$('#calendar').fullcalendar({ editable: false, [...]
no, not really, though minifying should close enough people give up.
however, if minify , obfuscate it, determined enough able de-obfuscate , reverse it.
there reason why mantra of "never trust client" repeated. need add server side checks data ensure consistent , expected, if real worry.
Comments
Post a Comment