Variables are safe?

lianr7 · March 22, 2024, 6:35pm

Can a malicious user manipulate my application’s variables and display, for example, a modal with conditional rendering based on a variable?

Micah · March 22, 2024, 7:16pm

Yes, via the Inspect Element panel

lianr7 · March 22, 2024, 7:27pm

oh no. I made many things in my app based on variables. I need to do a scan.
Thanks, Micah

Micah · March 22, 2024, 7:42pm

The way variables should be used is to store authenticated user data, or operational data that’s okay to be exposed. If you’re trying to hide sensitive data in a variable, it can be exposed.

In the case of having properly authed users, it doesn’t matter that the user can see what is inside the variables because it’s their data. But if there is info they shouldn’t see, it should live in your backend that only properly authed users can access.

Topic		Replies	Views
Conditional rendering - user with different roles How do I?	1	155	July 3, 2023
How to show modal when variable is empty Ask us anything	4	199	September 19, 2023
Efficiency wise, is it better to preserve variables on navigation? Ask us anything	0	52	February 27, 2024
Undesirable behavior w/ conditional modal display on app load Ask us anything	7	269	November 27, 2023
Difference between conditional "display" and "Conditional rendering"? Ask us anything design	1	114	February 8, 2024

Variables are safe?

Related Topics