Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.javascript > #7697

Re: Three tier web model?

From Richard Damon <news.x.richarddamon@xoxy.net>
Newsgroups comp.lang.javascript
Subject Re: Three tier web model?
Date 2011-10-26 11:23 -0400
Organization A noiseless patient Spider
Message-ID <j898l2$2kq$1@dont-email.me> (permalink)
References <40965ce2-2989-4271-b631-5462621ebf8e@q16g2000yqn.googlegroups.com>

Show all headers | View raw

On 10/26/11 9:18 AM, Filippo Portera wrote:
> In the classical three tier model for web applications there are a web
> browser, an application server and a DB.
> I wonder if it is possible to bypass the application server altogether
> by writing a jdbc driver (Chrome supports WebSockets) that connects
> directly to the database.
> This will speed up the conversation between the browser and the DB.
> If you have any suggestion please write to: fportera2@gmail.com

The big issue here is security. If the client side code has all the 
access information to access the database, a malicious user can reverse 
engineer this code and corrupt the database. The application server 
layer is what provides access control/security.

Remember the cardinal rule of web development, NEVER totally trust data 
from the user, but verify, verify, and verify. This needs to be on the 
application server layer.

Back to comp.lang.javascript | Previous | NextPrevious in thread | Find similar | Unroll thread

Thread

Three tier web model? Filippo Portera <fportera2@gmail.com> - 2011-10-26 06:18 -0700
  Re: Three tier web model? Richard Damon <news.x.richarddamon@xoxy.net> - 2011-10-26 11:23 -0400

csiph-web