Is Angular 6: xyz.service.ts executing on the client or server side? Revealing API-URLs and DB passwords?

Currently experimenting with various tools, I've been delving into Angular. Recently, I came across this informative Tutorial that helped me set up a basic example application successfully.

In the data.service.ts file, I have defined a method called getUsers() :

getUsers() {
  return this.http.get('https://jsonplaceholder.typicode.com/users')
}

The tutorial makes use of the jsonplaceholder API. My query is: If I develop an Angular application and make it public, will the user be able to view the API URL? Or does Typescript/Javascript run on the server-side (Node.js) while the client only sees a call to 'getUsers()' and receives JSON data without accessing the actual API URL?

On another note, if I intend to utilize my own MySQL database for storing user information, do I need to create an API for interacting with the DB, or can I establish a direct connection as shown in this JavaScript snippet:

var mysql = require('mysql')

var con = mysql.createConnection({
    host: 'localhost',
    user: 'root',
    password: 'test',
    database: 'my_schema',
});

If connecting directly to a database like this is feasible, could there be a security concern since the connection to the database would be initiated on the client side, potentially exposing sensitive information such as passwords?

javascriptangulartypescriptsecurityangular6

Answer №1

Is it feasible to establish a direct connection to a database in this manner? Are there potential security risks involved, such as exposing passwords on the client side?

Absolutely, there are indeed security concerns at play here; however, if the software is managed by the client, this approach may align with your requirements.

On another note, if I opt to use my own Database for User data, do I need to create an API for my MySQL-DB, or can I connect directly using a JavaScript Snippet like this:

I would strongly suggest developing an API (e.g. RESTful) and implementing user authentication on the server side to ensure secure access to valuable information. Make sure to incorporate all necessary security measures (encryption-in-transit, hashing, endpoint security, etc).

The necessity of this step hinges on the intended purpose of your software. If it's simply a small project for experimenting with Angular, you might focus on honing your front-end development skills.

Best of luck!

Be cautious about potential vulnerabilities in any local JavaScript code that might expose public API keys embedded within it. While encrypting local database files is an option, relying solely on client-side encryption may not guarantee total safety either.

Explore the Chrome DevTools Network tab on this Stack Overflow page for further insight. Though no JSON objects were visible in the response bodies, you'll grasp how the same http components used to access APIs in your code can be easily accessed here.

I am confident that no sensitive API keys are inadvertently disclosed in this specific example.Please don't take my word for it.Assistance is welcome. Ctrl+Shift+I

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Effective ways to enable users to upload files in a React Native app

Being in the process of developing a react native app, I am faced with the challenge of allowing users to easily upload files from their mobile devices (pdf, doc, etc). Unfortunately, my search for a suitable native component has proven fruitless. Can anyo ...

cssjavascriptreact-native

Create a Vue slot layout that mirrors the structure of Material UI

This is the code I have been working on: <tr :key="index" v-for="(item, index) in items"> <td v-for="header in headers" :key="header.value"> {{ item[header.value] }} </td> <td> & ...

javascriptvue.jsmaterial-uivue-slot

The ng build process remains active and does not exit while staying in the terminal

Since upgrading to Angular 15, I have encountered an issue with my build process. "build:project:prod": "ng build project --configuration prod --stats-json=true --single-bundle=true && npm run copyAssets" After the build comple ...

angularnpmangular-cling-build

Issue with jQuery centering in IE browsers with jquery-ui-1.10.3.custom.js and jquery-ui-1.9.2.custom.js not working as expected

Are there any other alternatives you can recommend? Here is the dialog structure: <div id="dialogbox" title="message box"> <p>example content</P> </div> ...

javascriptjqueryhtmlcss

Ensuring the presence of TypeScript variables

Take a look at this code snippet: let str: string | null; function print(msg: string) { console.log(msg); } print(str); When running this code, the typescript compiler correctly identifies the error, stating that Argument of type 'string | nu ...

typescript

PageCallbacks in .NET 1.1

Is it possible to utilize PageMethods in .NET 1.1 for making server-side method calls from the client side? Could you provide a brief explanation on how to use this feature by calling PageMethods.MyMethod(); ? ...

javascriptasp.netajaxjquery

Material User Interface, MUI, Modal, Back to Top Scroll按钮

After spending some time experimenting with scrollTop and the Dialog component (a fullscreen fixed modal) from Material-ui, I found that I couldn't quite get scrollTop to function properly. Whenever I clicked the "go down" button, it would either retu ...

javascriptcssreactjsmaterial-ui

Retrieve the data stored in an array of objects

code props.thumbnails.forEach(value=>{ console.log(value.photo.thumbnail_url); }) error TypeError: Cannot read property 'thumbnail_url' of undefined Trying to loop through props.thumbnails array and access the thumbnail_url pro ...

javascriptreactjsforeachjsx

Logging into Facebook using Selenium tests

I have a django project where I am utilizing django_facebook for Facebook interactions and Selenium for automated system testing. During the testing process, when attempting to log into Facebook from my application, I execute the following steps: ...

javascriptdjangofacebookseleniumdjango-facebook

The functionality of sending a list of objects with a file via AJAX to an ASP.NET controller is failing to

Currently, I am working on ASP.NET Core and I need to send a list of objects containing files from an Ajax request to the controller. For more details, the object I want to send includes a file. You can view an image here. ViewModel public class FormDat ...

javascriptc#jqueryajaxasp.net-core

v-bind is not recognizing modifications in the array elements (vue js)

I'm currently working on switching the id of an image upon the user clicking a button. At first, the id should be set to B0_h, but once the user clicks the button, it should trigger a change in an array value to true. Initially, all values in the arra ...

javascripthtmlvue.jsvuejs2

Tips for utilizing a select input type in redux-form

I've been struggling to implement a select input type in my react form using the redux-form library. While all other input types are functioning properly, I'm encountering issues with the select input when it comes to actions like initialize and ...

javascriptreactjsredux-form

A guide to managing string comparisons and file writing in Node.js using the xlsx library

This code snippet is designed to extract the title of a webpage by passing the URL from an excel file, checking if the title contains a specific keyword, and then saving that domain to a new excel file. While there are no issues with the partial code, the ...

javascriptnode.jswebweb-scrapingcheerio

React query failing to transfer props to API

I am facing an issue while using react query to make an api call. I am unable to pass the props to the api url even though they are being logged successfully in the console. //useData.js import { useQuery } from "@tanstack/react-query"; import Er ...

javascriptreact-nativereact-propstanstackreact-query

JavaScript: Exploring Content Inside Headers

Using document.body.innerHTML allows you to search within the body of a webpage. Is there an equivalent method for searching within the "Head" section? I've been looking around but so far, I haven't come across any such function. ...

javascriptheaderinnerhtml

Eliminate a row in an HTML table depending on a certain condition

I have an HTML table that I am dynamically adding values to: <TABLE id="dlStdFeature" Width="300" Runat="server" CellSpacing="0" CellPadding="0"> <TR> <TD id="stdfeaturetd" vAlign="top" width="350" runat="server"></TD> < ...

javascriptjqueryhtmlhtml-table

Are Lazily Instantiated Singletons a Thing in AngularJS?

After browsing through the AngularJS documentation, I came across an interesting detail about AngularJS services: AngularJS lazily instantiates services, meaning they are only created when a component in the application requires it. Services in AngularJ ...

javascriptangularjsservice

Get your hands on a PDF containing server node and vue.js

I am facing an issue with creating a secure download link for a PDF file on the server. When clicking on the link, the file is not being downloaded properly. Ensuring that the PDF link remains hidden from the client but still allows for downloading direct ...

javascriptnode.jsexpressvue.js

Can you explain the functionality of sinon's stub.yields method?

The explanation given in the documentation for sinon regarding stub.yields is as follows: By using stub.yields([arg1, arg2, ...]), you are essentially performing a function similar to callsArg. This will result in the stub executing the first callback it ...

javascriptsinon

How to modify values in a JSON array using JavaScript

Currently, I am facing an issue with displaying dates properly on the x-axis of a graph created using Highcharts. To solve this problem, I need to parse the dates from the JSON response. Despite my attempts to manipulate the JSON date, I have not been able ...

javascriptjsonhighcharts