-
-
Notifications
You must be signed in to change notification settings - Fork 328
-
This may not be the canonical way to solve the general problem; but I'm thinking of an idom component that is sent to the front-end together with a RSA public key for. For example, for entering credentials for some third-party API. The user JS part of the component/page does the encryption, and the encrypted message is sent to the server. This would allow to do development without SSL, at least.
My question is: is it safe to assume that, for example, the contents of a idom.html.textarea will not be sent to the server if no explicit logic (such as 'onChange' events) is implemented for it?
Thanks ~
Beta Was this translation helpful? Give feedback.
All reactions
Replies: 3 comments
-
As long as your ASGI webserver is set up to handle encryption, all IDOM traffic will be encrypted as well.
Beta Was this translation helpful? Give feedback.
All reactions
-
To address your specific question, no. The client does not send the content of the <textarea> to the server unless there is an event handler attached to it. However, if any event handler (not just onChange) is attached and that event is triggered, the <textarea>'s content will be sent to the server.
Beta Was this translation helpful? Give feedback.
All reactions
-
Thank you for the clarifications!
Beta Was this translation helpful? Give feedback.